Tutorials
API Security & Conformance Scan using OpenAPI Swagger Editor Extension in VS Code
A dynamic security scan of your API to check for conformance against the API design (OpenAPI contract) and security vulnerabilities such as BOLA and BFLA. The tutorial videos below are for OpenAPI Editor in Microsoft Visual Studio Code (VS Code). API Scan is also available on the 42Crunch Platform and in GitHub Actions CI/CD.
Activate API Scan CLI
You can run the dynamic API Scan security test locally on your machine without having to share the API. The video explains how. if you are a paying customer you can run the scan in your IDE on local APIs or on APIs in your customer account on the 42Crunch platform
Overview of the Scan Configuration
Explanation of the Scan configuration view where you configure and run your scan tests
Running your first API Scan
Learn how to configure and run your first API Scan and read the results
API Request Chaining
You can add additional operations and requests to your scan configuration scenario to create more complex test scenarios. Take a look at the video explainer.
Create Test Resources using Global Blocks
Set up and tear down test resources or create test states to test the API using before and after blocks e.g. Create a new test user account, run tests and then delete the new user
API Testing with Dynamic Authentication
Authentication tokens such as OAuth or an API key may be required In order to test your API. Find out how to configure the scan for dynamic authentication.