StackHawk Documentation StackHawk Logo HawkDocs


Toggle app scan policy plugin

GET /api/v1/app/{appId}/policy/plugins/{pluginId}/{toggle}

Toggle Application Scan Policy

This endpoint allows for enabling or disabling a specific plugin within the scan policy of an application, based on the provided application and plugin ID.

Error Handling:

  • 400 Bad Request: This response is returned if the pluginId provided does not correspond to any plugin included in the application's current scan policy.

Additional Information:

Each scan policy plugin represents a security test designed to work with the StackHawk platform. HawkScan runs a plugin in a scan only if it is enabled in the application scan policy.

🧾 Audited: This is recorded as APPLICATION_POLICY_MODIFIED User Activity.

Requires write:policy permission.

Path parameters

appId · string · uuid · required

UUID identifier for this StackHawk Application.

pluginId · string · required

Identifier for the Plugin.

toggle · string · required

Toggles this plugin, either as 'enabled' or 'disabled'.

2 available options: enabled, disabled

Response

OK

scanPolicy
scanpolicy.ScanPolicy
scanPolicy.applicationId
string read-only

The UUID identifier of the scan policy application. If no application ID is present, the scan policy is defined by StackHawk. If the application ID is present, then the scan policy is customized for the given application only.

scanPolicy.description
string

The description for this policy.

scanPolicy.displayName
string

The human readable display name for this policy.

scanPolicy.id
string read-only

The UUID identifier of this scan policy.

scanPolicy.isCustomized
boolean

Indicates whether the plugins have been updated from the original scan policy.

scanPolicy.name
string

The referenceable unique name of a StackHawk scan policy.

scanPolicy.plugins
scanpolicy.Plugin[]

List of the plugins defined for this policy.

scanPolicy.plugins.defaultRisk
enum<string> read-only

Default risk for this plugin. Currently unused.

5 available options: UNKNOWN, INFO, LOW, MEDIUM, HIGH

scanPolicy.plugins.enabled
boolean

Enables the plugin. Plugins will only run in a scan when marked as enabled.

scanPolicy.plugins.name
string

The Plugin name.

scanPolicy.plugins.pluginId
string

The UUID identifier of this plugin.

scanPolicy.plugins.pluginType
enum<string>

The type of plugin to run as. Either ACTIVE or PASSIVE.

2 available options: ACTIVE, PASSIVE

scanPolicy.plugins.status
enum<string> read-only

The release quality of this plugin.

3 available options: ADDON_STATUS_ALPHA, ADDON_STATUS_BETA, ADDON_STATUS_RELEASE

scanPolicy.plugins.strength
enum<string> write-only

The strength of this plugin. Currently unused.

5 available options: STRENGTH_LOW, STRENGTH_MEDIUM, STRENGTH_HIGH, STRENGTH_INSANE, STRENGTH_OFF

scanPolicy.plugins.threshold
enum<string> write-only

The threshold of this plugin. Currently unused.

4 available options: THRESHOLD_LOW, THRESHOLD_MEDIUM, THRESHOLD_HIGH, THRESHOLD_OFF

scanPolicy.techFlags
object read-only

Technology flags for this policy. This is a collection of specific technology identifiers that further configure scan behavior.
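
The following is an added example, not StackHawk's own code: it builds the toggle request with validated path parameters and checks the returned scanPolicy for the requested plugin state. The base URL and the bearer-token header are assumptions not stated on this page, and all IDs and the response body are constructed sample values.

```python
import json
import uuid
from urllib.parse import quote
from urllib.request import Request

API_BASE = "https://api.stackhawk.com"  # assumption: base URL is not given on this page


def build_toggle_request(app_id, plugin_id, toggle, token):
    """Build (without sending) the GET request that toggles one plugin."""
    app_id = str(uuid.UUID(app_id))  # appId must be a UUID; raises ValueError otherwise
    if toggle not in ("enabled", "disabled"):
        raise ValueError("toggle must be 'enabled' or 'disabled'")
    if not plugin_id:
        raise ValueError("pluginId is required")
    # Percent-encode pluginId so a '/' in it cannot add path segments.
    path = f"/api/v1/app/{app_id}/policy/plugins/{quote(plugin_id, safe='')}/{toggle}"
    # Assumption: the API takes a bearer token; the page only names write:policy.
    return Request(API_BASE + path, method="GET",
                   headers={"Authorization": f"Bearer {token}"})


def confirm_toggle(body, plugin_id, toggle):
    """True if the returned scanPolicy shows plugin_id in the requested state."""
    plugins = json.loads(body)["scanPolicy"].get("plugins", [])
    want = toggle == "enabled"
    return any(p["pluginId"] == plugin_id and p["enabled"] is want for p in plugins)


def disabled_plugins(body):
    """Plugin IDs that will not run in a scan, for reviewing coverage gaps."""
    plugins = json.loads(body)["scanPolicy"].get("plugins", [])
    return sorted(p["pluginId"] for p in plugins if not p.get("enabled"))


# Constructed 200 OK body using the response fields documented above.
SAMPLE_BODY = json.dumps({"scanPolicy": {
    "id": "00000000-0000-0000-0000-000000000001",
    "isCustomized": True,
    "plugins": [
        {"pluginId": "sample-plugin-1", "name": "Sample A", "pluginType": "ACTIVE", "enabled": False},
        {"pluginId": "sample-plugin-2", "name": "Sample B", "pluginType": "PASSIVE", "enabled": True},
    ],
}})

if __name__ == "__main__":
    req = build_toggle_request("123e4567-e89b-12d3-a456-426614174000",
                               "sample-plugin-1", "disabled", "TOKEN")
    print(req.get_method(), req.full_url)
    print(confirm_toggle(SAMPLE_BODY, "sample-plugin-1", "disabled"))
    print(disabled_plugins(SAMPLE_BODY))
```

Because the toggle is recorded as APPLICATION_POLICY_MODIFIED User Activity, the output of `disabled_plugins` can be reconciled against that audit trail when reviewing why a test is not running.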


Unauthorized
