REST API for uploading disconnected scan results

Edit online

9.2.30 Available from 9.2.30.

You use the POST operation on the /api/sam/v2/scan_results_upload element to upload results of the disconnected scans to the disconnected data source. The results are provided in the request body in the binary form.

Important: Uploading disconnected scan results by using REST API is supported for scan results generated by disconnected scanner in version 9.2.24 or later. If you use the disconnected scanner in older versions, either upgrade the scanner or upload scan results by using one of the following methods:

Manually copy scan results to the disconnected data source.
Use an automation technology of your choice.
Mount shared folders to automatically transfer scan results.

Permissions

You must have the Manage Scan Uploads (previously: Manage Uploads) permission to use this API.

Resource URL

https://hostname:port/api/sam/v2/scan_results_upload

Resource information

Table 1. Resource information
Operation details	Description
HTTP method	`POST`
Request headers	`Accept-Language` (optional) Use: Used to negotiate the language of the response. If this header is not specified, the content is returned in the server language. Values: `en-US` (only English is supported) `Token` Use: Used to authenticate REST API requests. The header is required when you set the value of the api_token_in_url_enabled parameter to false. Otherwise, you can specify the token in the request header or in the URL. For more information, see: Authenticating REST API requests. Values: an alphanumeric string that is generated in License Metric Tool
Request format	`application/octet-stream`
Request payload	Binary data (content of the scan results file)
Response headers	`Content-Type` Use: Specifies the content type of the response. Values: `application/json` `Content-Language` Use: Specifies the language of the response content. If this header is not specified, the content is returned in the server language. Values: en-US, …
Response format	`application/json`
Response codes	`200 – OK` `400 – Bad Request` if a query parameter contains errors or is missing `401 – Unauthorized` if there is not match for the provided user name and password `403 – Forbidden` if the user is not authorized to perform the action `500 – Internal Server Error`

Request attributes

Table 2. Request attributes
Attribute	Description	Required
filename	Name of the file to be uploaded.	✓
datasource_name	Name of the disconnected data source to which the file will be uploaded. If you have one disconnected data source, you do not need to provide this parameter. However, if you provide the parameter, its value must match the actual data source. Otherwise, the upload fails.

Example conversation

The example conversation uses cURL commands as they allow to easily upload a file in the binary format.

Request

curl --insecure -v -H "Accept:application/json" -H "Token:<token>" -H "Content-Type:application/octet-stream" 
--data-binary "@<path_to_file><file_name>" -X POST "https://<host>:<port>/api/sam/v2/scan_results_upload?
datasource_name=<data_source_name>&filename=<file_name>"

Where:

<token>: Token of the user that will be used to upload disconnected scan results to the License Metric Tool server.
<path_to_file>: Path to the file with disconnected scan results.
<host>: IP or host name of the License Metric Tool server to which packages with disconnected scan results will be uploaded.
<port>: Port of the License Metric Tool server to which packages with disconnected scan results will be uploaded.
<data_source_name>: Name of the disconnected data source to which the file will be uploaded.; Note: If disconnected data source name contains a space it needs to be replaced by '%20' character. As following: datasource_name=Data%20Source
<file_name>: Name of the file to be uploaded.

Response