Secure Code Warrior DirectLinking API Reference
Secure Code Warrior's Direct link API is a service that allows our partners to link directly to the SCW microlearning content. We support standard API responses (where JSON data is returned) and also a redirection capability, allowing partners to redirect their users to content directly.
The main service endpoint is GET /api/v1/trial
A typical request looks like this:
To get your referrer identifier, please send a request to integration-partners@securecodewarrior.com
Version: 1.2.0
DirectLinking
Get Trial Link
This endpoint returns an object containing a URL that can be used to send a user to the Secure Code Warrior microlearning content.
The referrer Identifier:
Please send a request to integration-partners@securecodewarrior.com to get your company specific id
The vulnerability mapping list you want to use. If no mapping list is defined, the default mapping list based on the Secure Code Warrior vulnerability categories is used. For a complete list of all available mapping lists, use GET /api/v1/mapping-lists
The specific vulnerability key. For a complete list of all available vulnerability keys, use GET /api/v1/mapping-lists/{slug}/items
The specific language key. For a complete list of all available language keys, use GET /api/v1/language-keys
EXPERIMENTAL, DO NOT USE: The installation/tenant ID for an integration.
EXPERIMENTAL, DO NOT USE: The ID for an integration (partner).
Flag to include guideline data in payload for endpoint, GET /api/v1/guidelines
If true, the user will be redirected to the Secure Code Warrior trial page. If false or empty, a JSON response is presented with the trial url, a name and the description.
Found micro-learning link
Bad Request
No micro-learning link found
Response Content-Types: application/json
Response Example (200 OK)
{
"url": "https://portal.securecodewarrior.com/?#/contextual-microlearning/web/injection/sql",
"name": "SQL Injection",
"description": "string",
"videos": [
"https://media.securecodewarrior.com/SQL_Injections_V2.mp4"
],
"links": [
{
"name": "OWASP SQL Injection",
"url": "https://owasp.org/www-community/attacks/SQL_Injection",
"description": "OWASP community page with comprehensive information about SQL injection, and links to various OWASP resources to help detect or prevent it.",
"languageFrameworks": [
{
"language": {
"key": "java",
"displayName": "Java"
},
"framework": {
"key": "spring",
"displayName": "Spring"
}
}
]
}
],
"guidelineItems": [
{
"languageSlug": "java",
"languageName": "Java",
"frameworkSlug": "spring",
"frameworkName": "Spring",
"langs": [
"en"
],
"guidelineItemUrl": "/api/v1/guidelines/10000/java/spring",
"hasDefaultContent": false
}
]
}
Response Example (400 Bad Request)
"object"
Response Example (404 Not Found)
{
"name": "ValidationError",
"message": "Parameters validation error!",
"code": 400
}
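Added example, not part of Secure Code Warrior's documentation: one way a partner integration can vet the URLs in a MappingResultResponse before redirecting a user or fetching a guideline. The host allowlist is an assumption taken from the example response above, API_BASE is a placeholder because the page names no API host, and the function names are hypothetical.

```python
from urllib.parse import urljoin, urlsplit

# Assumption: hosts copied from the 200 OK example above; confirm the real set.
ALLOWED_HOSTS = {"portal.securecodewarrior.com", "media.securecodewarrior.com"}
API_BASE = "https://api.example.invalid"  # placeholder: the page names no API host
GUIDELINE_PREFIX = "/api/v1/guidelines/"


def is_allowed_url(url):
    """True only for https URLs on an allowlisted host, without userinfo."""
    parts = urlsplit(url)
    return (parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS
            and parts.username is None and parts.password is None)


def resolve_guideline_url(item_url, api_base=API_BASE):
    """Resolve a server-supplied guidelineItemUrl against the API base."""
    parts = urlsplit(item_url)
    # Must be a host-relative guidelines path: no scheme, no host, no "..".
    if (parts.scheme or parts.netloc
            or not parts.path.startswith(GUIDELINE_PREFIX)
            or ".." in parts.path.split("/")):
        raise ValueError(f"unexpected guidelineItemUrl: {item_url!r}")
    return urljoin(api_base, item_url)


def safe_trial_links(payload):
    """Extract only vetted URLs from a MappingResultResponse dict."""
    url = payload.get("url") or ""
    if not is_allowed_url(url):
        raise ValueError("trial url is not https on an allowlisted host")
    return {
        "redirect": url,
        "videos": [v for v in payload.get("videos", []) if is_allowed_url(v)],
        "guidelines": [resolve_guideline_url(g["guidelineItemUrl"])
                       for g in payload.get("guidelineItems", [])],
    }


# Constructed sample, trimmed from the 200 OK example above.
SAMPLE = {
    "url": "https://portal.securecodewarrior.com/?#/contextual-microlearning/web/injection/sql",
    "videos": ["https://media.securecodewarrior.com/SQL_Injections_V2.mp4"],
    "guidelineItems": [
        {"guidelineItemUrl": "/api/v1/guidelines/10000/java/spring"}],
}

if __name__ == "__main__":
    print(safe_trial_links(SAMPLE))
```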
Get Trial Link (Deprecated)
DEPRECATED - This endpoint returns an object containing a URL that can be used to send a user to the Secure Code Warrior microlearning content.
A valid Partner Identifier
A valid mapping key related to the Partner Identifier
If true, the user will be redirected to the Secure Code Warrior trial page. If false or empty, a JSON response is presented with the trial url, a name and the description.
Success
The key was not found or the Id is invalid. If the key was not found, you get an InvalidRequest object as result.
Response Content-Types: application/json
Response Example (200 OK)
{
"url": "string",
"name": "string",
"description": "string"
}
Response Example (422 Unprocessable Entity)
{
"name": "ValidationError",
"message": "Parameters validation error!",
"code": 400,
"type": "VALIDATION_ERROR",
"data": [
{
"type": "required",
"field": "mappingKey",
"message": "The mappingKey field is required"
}
]
}
Guidelines
Get Guideline Details
Get the guideline details for a specific guideline id, language slug, and framework slug. NOTE: these URLs should be generated by requests to api/v1/trial, not constructed manually.
ID of guideline to fetch
Slug for programming language
Slug for framework
Slug for framework
Slug for framework
Slug for framework
Success
Message when resource is not found
Response Content-Types: text/plain, application/json, text/json
Response Example (200 OK)
{
"guidelineId": 10006,
"languageSlug": "java",
"frameworkSlug": "spring",
"lang": "en",
"title": "SQL Injection",
"content": " Introduction, SQL injection is a type of attack that involves inserting malicious code into a SQL statement, via input fields in an application, in order to gain unauthorized access to or manipulate a database",
"hasDefaultContent": false
}
Response Example (404 Not Found)
"string"
LanguageKey
Get Language Keys
Get an overview of supported Language mappings
Success
Response Content-Types: text/plain, application/json, text/json
Response Example (200 OK)
[
{
"languageKey": "string",
"languageFramework": "string"
}
]
MappingList
Get Mapping Lists
Get an overview of supported mapping lists
Success
Response Content-Types: text/plain, application/json, text/json
Response Example (200 OK)
[
{
"slug": "slug",
"name": "Name",
"links": "object"
}
]
Get Mapping List Items
Get the available mapping items for a specific mapping list
(no description)
Use this parameter to paginate the results (only positive numbers allowed)
Success
Not Found
Response Content-Types: text/plain, application/json, text/json
Response Example (200 OK)
{
"items": [
{
"mappingKey": "mapping_key",
"name": "SQL Injection",
"categorySlugs": [
"string"
]
}
],
"metaData": {
"pageCount": 3,
"totalItemCount": 250,
"pageNumber": 2,
"pageSize": 100,
"hasPreviousPage": true,
"hasNextPage": true,
"isFirstPage": false,
"isLastPage": false,
"firstItemOnPage": 101,
"lastItemOnPage": 200
}
}
Response Example (404 Not Found)
{
"type": "string",
"title": "string",
"status": "integer (int32)",
"detail": "string",
"instance": "string"
}
Schema Definitions
Framework: object
- key: string
  Programming language key
- displayName: string
  Programming language name
Example
{
"key": "spring",
"displayName": "Spring"
}
GuidelineItemRef: object
- languageSlug: string
  Programming language key
- languageName: string
  Programming language name
- frameworkSlug: string
  Language framework key
- frameworkName: string
  Language framework name
- langs: string[]
  List of language-codes supported for localisation of the guideline
- guidelineItemUrl: string
  Url to retrieve resource from guidelines endpoint
- hasDefaultContent: boolean
  Whether this guideline uses default content (typically pseudocode examples)
Example
{
"languageSlug": "java",
"languageName": "Java",
"frameworkSlug": "spring",
"frameworkName": "Spring",
"langs": [
"en"
],
"guidelineItemUrl": "/api/v1/guidelines/10000/java/spring",
"hasDefaultContent": false
}
GuidelineItemResponse: object
- guidelineId: integer (int32)
  Guideline resource id
- languageSlug: string
  Programming language key
- frameworkSlug: string
  Language framework key
- lang: string
  The language-code for the guideline
- title: string
  Title of guideline
- content: string
  Guideline in HTML
- hasDefaultContent: boolean
  Whether this guideline uses default content (typically pseudocode examples)
Example
{
"guidelineId": 10006,
"languageSlug": "java",
"frameworkSlug": "spring",
"lang": "en",
"title": "SQL Injection",
"content": " Introduction, SQL injection is a type of attack that involves inserting malicious code into a SQL statement, via input fields in an application, in order to gain unauthorized access to or manipulate a database",
"hasDefaultContent": false
}
InvalidRequest: object
- name: string
- message: string
- code: integer (int32)
Example
{
"name": "ValidationError",
"message": "Parameters validation error!",
"code": 400
}
Language: object
- key: string
  Programming language key
- displayName: string
  Programming language name
Example
{
"key": "java",
"displayName": "Java"
}
LanguageKeyResponse: object
- languageKey: string
  The language key that can be used in the trial endpoint
- languageFramework: string
  The Secure Code Warrior Language and Framework that the key will map to
Example
{
"languageKey": "string",
"languageFramework": "string"
}
LegacyInvalidRequest: object
- name: string
- message: string
- code: integer (int32)
- type: string
- data: object[]
Example
{
"name": "ValidationError",
"message": "Parameters validation error!",
"code": 400,
"type": "VALIDATION_ERROR",
"data": [
{
"type": "required",
"field": "mappingKey",
"message": "The mappingKey field is required"
}
]
}
LegacyMappingResult: object
- url: string
  The url that can be used to redirect a user to the Secure Code Warrior microlearning content
- name: string
  The name of the category used in the mappingKey query parameter
- description: string
  A description on the category used in the mappingKey query parameter
Example
{
"url": "string",
"name": "string",
"description": "string"
}
Link: object
- name: string
  Name of article link
- url: string
  Link to article
- description: string
  Description of article
- languageFrameworks: object[]
  A list of languages where this link is most helpful
Example
{
"name": "OWASP SQL Injection",
"url": "https://owasp.org/www-community/attacks/SQL_Injection",
"description": "OWASP community page with comprehensive information about SQL injection, and links to various OWASP resources to help detect or prevent it.",
"languageFrameworks": [
{
"language": {
"key": "java",
"displayName": "Java"
},
"framework": {
"key": "spring",
"displayName": "Spring"
}
}
]
}
MappingItemResponse: object
- mappingKey: string
  The mapping key that can be used in the trial endpoint
- name: string
  The name of the mapping key
- categorySlugs: string[]
  The category slugs associated with the mapping item
Example
{
"mappingKey": "mapping_key",
"name": "SQL Injection",
"categorySlugs": [
"string"
]
}
MappingListResponse: object
- slug: string
  A mapping list slug
- name: string
  The mapping list name
- links: object
Example
{
"slug": "slug",
"name": "Name",
"links": "object"
}
MappingResultResponse: object
- url: string
  The url that can be used to redirect a user to the Secure Code Warrior microlearning content
- name: string
  The name of the category used in the mappingKey query parameter
- description: string
  A description on the category used in the mappingKey query parameter
- videos: string[]
  A list of videos
- links: object[]
  A list of useful links
- guidelineItems: object[]
  A list of coding guideline items
Example
{
"url": "https://portal.securecodewarrior.com/?#/contextual-microlearning/web/injection/sql",
"name": "SQL Injection",
"description": "string",
"videos": [
"https://media.securecodewarrior.com/SQL_Injections_V2.mp4"
],
"links": [
{
"name": "OWASP SQL Injection",
"url": "https://owasp.org/www-community/attacks/SQL_Injection",
"description": "OWASP community page with comprehensive information about SQL injection, and links to various OWASP resources to help detect or prevent it.",
"languageFrameworks": [
{
"language": {
"key": "java",
"displayName": "Java"
},
"framework": {
"key": "spring",
"displayName": "Spring"
}
}
]
}
],
"guidelineItems": [
{
"languageSlug": "java",
"languageName": "Java",
"frameworkSlug": "spring",
"frameworkName": "Spring",
"langs": [
"en"
],
"guidelineItemUrl": "/api/v1/guidelines/10000/java/spring",
"hasDefaultContent": false
}
]
}
PagedMappingItemResponse: object
- items: object[]
- metaData: PaginationMetaData
Example
{
"items": [
{
"mappingKey": "mapping_key",
"name": "SQL Injection",
"categorySlugs": [
"string"
]
}
],
"metaData": {
"pageCount": 3,
"totalItemCount": 250,
"pageNumber": 2,
"pageSize": 100,
"hasPreviousPage": true,
"hasNextPage": true,
"isFirstPage": false,
"isLastPage": false,
"firstItemOnPage": 101,
"lastItemOnPage": 200
}
}
PaginationMetaData: object
- pageCount: integer (int32)
- totalItemCount: integer (int32)
- pageNumber: integer (int32)
- pageSize: integer (int32)
- hasPreviousPage: boolean
- hasNextPage: boolean
- isFirstPage: boolean
- isLastPage: boolean
- firstItemOnPage: integer (int32)
- lastItemOnPage: integer (int32)
Example
{
"pageCount": 3,
"totalItemCount": 250,
"pageNumber": 2,
"pageSize": 100,
"hasPreviousPage": true,
"hasNextPage": true,
"isFirstPage": false,
"isLastPage": false,
"firstItemOnPage": 101,
"lastItemOnPage": 200
}
ProblemDetails: object
- type: string
- title: string
- status: integer (int32)
- detail: string
- instance: string
Example
{
"type": "string",
"title": "string",
"status": "integer (int32)",
"detail": "string",
"instance": "string"
}