Fortify

Fortify ScanCentral DAST API

REST API for Fortify ScanCentral DAST, which provides centralized dynamic application security testing management. Enables orchestration of DAST scans across distributed sensors and integration with CI/CD pipelines.

GitHub OpenAPI

Documentation

📖
Documentation
https://www.microfocus.com/documentation/fortify-ScanCentral-DAST/2520/
📖
GettingStarted
https://www.microfocus.com/documentation/fortify-ScanCentral-DAST/2520/sc-dast-ugd-25.2.0.pdf

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/openapi/fortify-scancentral-dast-openapi.yml

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-ci-cd.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-scan-policies.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-scan-schedules.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-scan-settings.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-scans.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-sensor-pools.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-sensors.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/capabilities/scancentral-dast-system.yaml

OpenAPI Specification

fortify-scancentral-dast-openapi.yml Raw ↑ 
openapi: 3.1.0
info:
  title: Fortify ScanCentral DAST API
  description: >-
    REST API for Fortify ScanCentral DAST, which provides centralized dynamic
    application security testing management. Enables orchestration of DAST scans
    across distributed WebInspect sensors, management of scan settings and
    policies, sensor pool configuration, and CI/CD pipeline integration.
    Authentication uses FortifyToken obtained from Fortify Software Security
    Center.
  version: v2
  contact:
    name: OpenText Fortify Support
    url: https://www.opentext.com/support
    email: [email protected]
  license:
    name: Proprietary
    url: https://www.opentext.com/about/legal/website-terms-of-use
  x-logo:
    url: https://www.microfocus.com/brand/fortify-logo.png
externalDocs:
  description: Fortify ScanCentral DAST Documentation
  url: https://www.microfocus.com/documentation/fortify-ScanCentral-DAST/
servers:
  - url: '{protocol}://{host}/api'
    description: ScanCentral DAST API Server
    variables:
      protocol:
        default: https
        enum:
          - https
          - http
      host:
        default: localhost:8500
        description: Your ScanCentral DAST server hostname and port
security:
  - fortifyToken: []
tags:
  - name: CI/CD
    description: CI/CD pipeline integration endpoints
  - name: Scan Policies
    description: Manage scan policies
  - name: Scan Schedules
    description: Manage scheduled scans
  - name: Scan Settings
    description: Manage scan configuration settings
  - name: Scans
    description: Manage and initiate DAST scans
  - name: Sensor Pools
    description: Manage sensor pools for scan distribution
  - name: Sensors
    description: Manage WebInspect sensors
  - name: System
    description: System health and configuration
paths:
  /scans:
    get:
      operationId: listScans
      summary: Fortify List scans
      description: >-
        Retrieves a paginated list of DAST scans. Supports filtering by
        status, settings, and other criteria.
      tags:
        - Scans
      parameters:
        - $ref: '#/components/parameters/Offset'
        - $ref: '#/components/parameters/Limit'
        - name: status
          in: query
          description: Filter by scan status
          schema:
            type: string
            enum:
              - Queued
              - Pending
              - Running
              - Complete
              - Failed
              - Paused
              - ImportingScanResults
              - Unknown
        - name: scanSettingsId
          in: query
          description: Filter by scan settings identifier
          schema:
            type: string
            format: uuid
        - name: orderBy
          in: query
          description: Field to sort results by
          schema:
            type: string
        - name: orderByDirection
          in: query
          description: Sort direction
          schema:
            type: string
            enum:
              - ASC
              - DESC
      responses:
        '200':
          description: Successful response with list of scans
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
  /scans/{scanId}:
    get:
      operationId: getScan
      summary: Fortify Get scan
      description: Retrieves details for a specific scan by identifier.
      tags:
        - Scans
      parameters:
        - $ref: '#/components/parameters/ScanId'
      responses:
        '200':
          description: Successful response with scan details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DastScan'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: deleteScan
      summary: Fortify Delete scan
      description: Deletes a specific scan and its results.
      tags:
        - Scans
      parameters:
        - $ref: '#/components/parameters/ScanId'
      responses:
        '200':
          description: Scan deleted successfully
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scans/{scanId}/action:
    post:
      operationId: performScanAction
      summary: Fortify Perform scan action
      description: >-
        Performs an action on a scan such as pausing, resuming, cancelling, or
        retrying.
      tags:
        - Scans
      parameters:
        - $ref: '#/components/parameters/ScanId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScanActionRequest'
      responses:
        '200':
          description: Action performed successfully
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scans/{scanId}/scan-log:
    get:
      operationId: getScanLog
      summary: Fortify Get scan log
      description: Retrieves the scan log for a specific scan.
      tags:
        - Scans
      parameters:
        - $ref: '#/components/parameters/ScanId'
      responses:
        '200':
          description: Successful response with scan log content
          content:
            application/octet-stream:
              schema:
                type: string
                format: binary
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scans/{scanId}/scan-summary:
    get:
      operationId: getScanSummary
      summary: Fortify Get scan summary
      description: >-
        Retrieves a summary of the scan results including vulnerability counts
        and scan metrics.
      tags:
        - Scans
      parameters:
        - $ref: '#/components/parameters/ScanId'
      responses:
        '200':
          description: Successful response with scan summary
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DastScanSummary'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scans/start-scan:
    post:
      operationId: startScan
      summary: Fortify Start scan
      description: >-
        Starts a new DAST scan using the specified scan settings configuration.
      tags:
        - Scans
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StartScanRequest'
      responses:
        '200':
          description: Scan started successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StartScanResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
  /scans/start-scan-cicd:
    post:
      operationId: startScanCicd
      summary: Fortify Start scan from CI/CD
      description: >-
        Starts a new DAST scan from a CI/CD pipeline using a pre-configured
        CI/CD token that references the scan settings. This is the primary
        endpoint for CI/CD integration.
      tags:
        - CI/CD
        - Scans
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StartScanCicdRequest'
      responses:
        '200':
          description: Scan started successfully from CI/CD
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StartScanResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
  /scan-settings:
    get:
      operationId: listScanSettings
      summary: Fortify List scan settings
      description: >-
        Retrieves a paginated list of scan settings configurations, which
        define how scans are executed.
      tags:
        - Scan Settings
      parameters:
        - $ref: '#/components/parameters/Offset'
        - $ref: '#/components/parameters/Limit'
        - name: searchText
          in: query
          description: Search text to filter settings by name
          schema:
            type: string
        - name: orderBy
          in: query
          description: Field to sort results by
          schema:
            type: string
        - name: orderByDirection
          in: query
          description: Sort direction
          schema:
            type: string
            enum:
              - ASC
              - DESC
      responses:
        '200':
          description: Successful response with list of scan settings
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSettingsListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
    post:
      operationId: createScanSettings
      summary: Fortify Create scan settings
      description: >-
        Creates a new scan settings configuration defining target URL,
        authentication, scan policy, and other parameters.
      tags:
        - Scan Settings
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateScanSettingsRequest'
      responses:
        '201':
          description: Scan settings created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSettings'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
  /scan-settings/{scanSettingsId}:
    get:
      operationId: getScanSettings
      summary: Fortify Get scan settings
      description: Retrieves details for a specific scan settings configuration.
      tags:
        - Scan Settings
      parameters:
        - name: scanSettingsId
          in: path
          required: true
          description: Unique identifier of the scan settings
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with scan settings details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSettings'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    put:
      operationId: updateScanSettings
      summary: Fortify Update scan settings
      description: Updates an existing scan settings configuration.
      tags:
        - Scan Settings
      parameters:
        - name: scanSettingsId
          in: path
          required: true
          description: Unique identifier of the scan settings
          schema:
            type: string
            format: uuid
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateScanSettingsRequest'
      responses:
        '200':
          description: Scan settings updated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSettings'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: deleteScanSettings
      summary: Fortify Delete scan settings
      description: Deletes a scan settings configuration.
      tags:
        - Scan Settings
      parameters:
        - name: scanSettingsId
          in: path
          required: true
          description: Unique identifier of the scan settings
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Scan settings deleted successfully
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scan-settings/{scanSettingsId}/cicd-token:
    get:
      operationId: getScanSettingsCicdToken
      summary: Fortify Get CI/CD token
      description: >-
        Retrieves the CI/CD token for a scan settings configuration, used to
        trigger scans from CI/CD pipelines.
      tags:
        - CI/CD
        - Scan Settings
      parameters:
        - name: scanSettingsId
          in: path
          required: true
          description: Unique identifier of the scan settings
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with CI/CD token
          content:
            application/json:
              schema:
                type: object
                properties:
                  cicdToken:
                    type: string
                    format: uuid
                    description: CI/CD token for triggering scans
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    post:
      operationId: regenerateScanSettingsCicdToken
      summary: Fortify Regenerate CI/CD token
      description: >-
        Regenerates the CI/CD token for a scan settings configuration,
        invalidating the previous token.
      tags:
        - CI/CD
        - Scan Settings
      parameters:
        - name: scanSettingsId
          in: path
          required: true
          description: Unique identifier of the scan settings
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: CI/CD token regenerated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  cicdToken:
                    type: string
                    format: uuid
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scan-policies:
    get:
      operationId: listScanPolicies
      summary: Fortify List scan policies
      description: >-
        Retrieves a list of available scan policies that control which
        vulnerability checks are performed during scans.
      tags:
        - Scan Policies
      parameters:
        - $ref: '#/components/parameters/Offset'
        - $ref: '#/components/parameters/Limit'
      responses:
        '200':
          description: Successful response with list of scan policies
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanPolicyListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /scan-policies/{scanPolicyId}:
    get:
      operationId: getScanPolicy
      summary: Fortify Get scan policy
      description: Retrieves details for a specific scan policy.
      tags:
        - Scan Policies
      parameters:
        - name: scanPolicyId
          in: path
          required: true
          description: Unique identifier of the scan policy
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with scan policy details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanPolicy'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /sensors:
    get:
      operationId: listSensors
      summary: Fortify List sensors
      description: >-
        Retrieves a list of WebInspect sensors registered with ScanCentral
        DAST, including their status and capabilities.
      tags:
        - Sensors
      parameters:
        - $ref: '#/components/parameters/Offset'
        - $ref: '#/components/parameters/Limit'
        - name: status
          in: query
          description: Filter by sensor status
          schema:
            type: string
            enum:
              - Active
              - Inactive
              - Disabled
        - name: sensorPoolId
          in: query
          description: Filter by sensor pool
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with list of sensors
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SensorListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
  /sensors/{sensorId}:
    get:
      operationId: getSensor
      summary: Fortify Get sensor
      description: Retrieves details for a specific sensor.
      tags:
        - Sensors
      parameters:
        - name: sensorId
          in: path
          required: true
          description: Unique identifier of the sensor
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with sensor details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Sensor'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    put:
      operationId: updateSensor
      summary: Fortify Update sensor
      description: Updates a sensor's configuration such as pool assignment.
      tags:
        - Sensors
      parameters:
        - name: sensorId
          in: path
          required: true
          description: Unique identifier of the sensor
          schema:
            type: string
            format: uuid
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateSensorRequest'
      responses:
        '200':
          description: Sensor updated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Sensor'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: deleteSensor
      summary: Fortify Delete sensor
      description: Removes a sensor from ScanCentral DAST.
      tags:
        - Sensors
      parameters:
        - name: sensorId
          in: path
          required: true
          description: Unique identifier of the sensor
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Sensor deleted successfully
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /sensor-pools:
    get:
      operationId: listSensorPools
      summary: Fortify List sensor pools
      description: >-
        Retrieves a list of sensor pools used to group sensors for scan
        distribution.
      tags:
        - Sensor Pools
      parameters:
        - $ref: '#/components/parameters/Offset'
        - $ref: '#/components/parameters/Limit'
      responses:
        '200':
          description: Successful response with list of sensor pools
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SensorPoolListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createSensorPool
      summary: Fortify Create sensor pool
      description: Creates a new sensor pool for organizing sensors.
      tags:
        - Sensor Pools
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateSensorPoolRequest'
      responses:
        '201':
          description: Sensor pool created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SensorPool'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /sensor-pools/{sensorPoolId}:
    get:
      operationId: getSensorPool
      summary: Fortify Get sensor pool
      description: Retrieves details for a specific sensor pool.
      tags:
        - Sensor Pools
      parameters:
        - name: sensorPoolId
          in: path
          required: true
          description: Unique identifier of the sensor pool
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with sensor pool details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SensorPool'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    put:
      operationId: updateSensorPool
      summary: Fortify Update sensor pool
      description: Updates a sensor pool's properties.
      tags:
        - Sensor Pools
      parameters:
        - name: sensorPoolId
          in: path
          required: true
          description: Unique identifier of the sensor pool
          schema:
            type: string
            format: uuid
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateSensorPoolRequest'
      responses:
        '200':
          description: Sensor pool updated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SensorPool'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: deleteSensorPool
      summary: Fortify Delete sensor pool
      description: Deletes a sensor pool.
      tags:
        - Sensor Pools
      parameters:
        - name: sensorPoolId
          in: path
          required: true
          description: Unique identifier of the sensor pool
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Sensor pool deleted successfully
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /scan-schedules:
    get:
      operationId: listScanSchedules
      summary: Fortify List scan schedules
      description: Retrieves a list of scheduled scans.
      tags:
        - Scan Schedules
      parameters:
        - $ref: '#/components/parameters/Offset'
        - $ref: '#/components/parameters/Limit'
      responses:
        '200':
          description: Successful response with list of scan schedules
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanScheduleListResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createScanSchedule
      summary: Fortify Create scan schedule
      description: Creates a new scheduled scan configuration.
      tags:
        - Scan Schedules
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateScanScheduleRequest'
      responses:
        '201':
          description: Scan schedule created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSchedule'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /scan-schedules/{scanScheduleId}:
    get:
      operationId: getScanSchedule
      summary: Fortify Get scan schedule
      description: Retrieves details for a specific scan schedule.
      tags:
        - Scan Schedules
      parameters:
        - name: scanScheduleId
          in: path
          required: true
          description: Unique identifier of the scan schedule
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Successful response with scan schedule details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSchedule'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    put:
      operationId: updateScanSchedule
      summary: Fortify Update scan schedule
      description: Updates an existing scan schedule.
      tags:
        - Scan Schedules
      parameters:
        - name: scanScheduleId
          in: path
          required: true
          description: Unique identifier of the scan schedule
          schema:
            type: string
            format: uuid
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateScanScheduleRequest'
      responses:
        '200':
          description: Scan schedule updated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanSchedule'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: deleteScanSchedule
      summary: Fortify Delete scan schedule
      description: Deletes a scan schedule.
      tags:
        - Scan Schedules
      parameters:
        - name: scanScheduleId
          in: path
          required: true
          description: Unique identifier of the scan schedule
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Scan schedule deleted successfully
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /health:
    get:
      operationId: getHealth
      summary: Fortify Get system health
      description: >-
        Returns the health status of the ScanCentral DAST system, including
        database connectivity and service availability.
      tags:
        - System
      security: []
      responses:
        '200':
          description: System is healthy
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HealthResponse'
        '503':
          description: System is unhealthy
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HealthResponse'
components:
  securitySchemes:
    fortifyToken:
      type: apiKey
      in: header
      name: Authorization
      description: >-
        Fortify token-based authentication. Pass as: FORTIFYTOKEN <token_value>.
        Obtain a CI token from SSC Administration or use an SSC auth token.
  parameters:
    ScanId:
      name: scanId
      in: path
      required: true
      description: Unique identifier of the scan
      schema:
        type: string
        format: uuid
    Offset:
      name: offset
      in: query
      description: Number of records to skip for pagination
      schema:
        type: integer
        format: int32
        default: 0
    Limit:
      name: limit
      in: query
      description: Maximum number of records to return
      schema:
        type: integer
        format: int32
        default: 50
  schemas:
    DastScan:
      type: object
      description: Represents a DAST scan
      properties:
        id:
          type: string
          format: uuid
          description: Unique identifier of the scan
        name:
          type: string
          description: Name of the scan
        scanSettingsId:
          type: string
          format: uuid
          description: Identifier of the scan settings used
        scanSettingsName:
          type: string
          description: Name of the scan settings
        status:
          type: string
          description: Current scan status
          enum:
            - Queued
            - Pending
            - Running
            - Complete
            - Failed
            - Paused
            - ImportingScanResults
            - Unknown
        sensorId:
          type: string
          format: uuid
          description: Identifier of the assigned sensor
        sensorName:
          type: string
          description: Name of the assigned sensor
        startTime:
          type: string
          format: date-time
          description: Scan start time
        endTime:
          type: string
          format: date-time
          description: Scan end time
        totalVulnerabilities:
          type: integer
          format: int32
          description: Total number of vulnerabilities found
        criticalCount:
          type: integer
          format: int32
          description: Number of critical vulnerabilities
        highCount:
          type: integer
          format: int32
          description: Number of high vulnerabilities
        mediumCount:
          type: integer
          format: int32
          description: Number of medium vulnerabilities
        lowCount:
          type: integer
          format: int32
          description: Number of low vulnerabilities
        infoCount:
          type: integer
          format: int32
          description: Number of informational findings
        sscApplicationVersionId:
          type: integer
          format: int64
          description: SSC application version identifier
        createdDate:
          type: string
          format: date-time
          description: Date when the scan was created
    DastScanSummary:
      type: object
      description: Summary of a DAST scan
      properties:
        scanId:
          type: string
          format: uuid
          description: Scan identifier
        status:
          type: string
          description: Scan status
        totalVulnerabilities:
          type: integer
          format: int32
          description: Total vulnerabilities found
        criticalCount:
          type: integer
          format: int32
        highCount:
          type: integer
          format: int32
        mediumCount:
          type: integer
          format: int32
        lowCount:
          type: integer
          format: int32
        infoCount:
          type: integer
          format: int32
        pagesScanned:
          type: integer
          format: int32
          description: Number of pages scanned
        requestsMade:
          type: integer
          format: int32
          description: Number of HTTP requests made
        scanDuration:
          type: string
          description: Duration of the scan
    ScanSettings:
      type: object
      description: Scan settings configuration
      properties:
        id:
          type: string
          format: uuid
          description: Unique identifier
        name:
          type: string
          description: Settings name
        startUrl:
          type: string
          format: uri
          description: Starting URL for the scan
        scanPo

# --- truncated at 32 KB (44 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/fortify/refs/heads/main/openapi/fortify-scancentral-dast-openapi.yml