The following legacy API will be deprecated: Asset API v1.0. Effective November 6th, 2023 the legacy API Asset API v1.0 will return an error code. Please use the following API Asset API v2.0.

An improvement has been made to Site API v1.0. Previously, a password was not needed to change site credentials. This issue has been fixed, in line with public API documentation a password is now required when adding or modifying site credentials.

A fix has been provided for the Create a User API functionality. Previously, the User API v1.0 was returning a 403 status code when attempting to create a new user with a duplicate username. This issue has been fixed, User API v1.0 now correctly returns a 400 status code. 

The PUT and POST methods for User API v1.0 has been updated. The fields 'first name' and 'last name' now have character limits of twenty and fifty, respectively. This change aligns the behaviour of the APIs and the Sentinel UI.

A new parameter option has been added to the Site API v1.0. The satellite_id parameter has been added to the Modify a site PUT request, this allows a requester with the correct privileges to change the Appliance used for scanning a Site. The Satellite ID provided must be for a valid DAST Appliance on the Site’s client.  

Sentinel APIs will now only accept authentication of API keys in the Request Headers as mentioned in the Using an API Key in Request Headers section in Authentication. If Sentinel APIs are called with API key in the URI as a query parameter a 401 status code will be returned. 

Effective June 30, 2022, Sentinel APIs will only accept authentication of API key in the Request Headers as mentioned in the section Using an API Key in Request Headers in Authentication. If Sentinel APIs are called with API key in the URI as a query parameter after June 30, 2022, a 401 status code will be returned. 

A fix has been provided for the Site API v1.0. Previously, when using the Site API v1.0 to access the site’s credential page, Sentinel would return a 500 error. An update to the Sentinel Database has been implemented to address this error. This issue has now been fixed. 

An existing parameter has been removed from the Sites API v2.0. The scanShedule parameter has been removed from the POST request, which removes the option to add a scan schedule during site provisioning. The API documentation has been updated to reflect this change. 

Effective February 15, 2022, Sentinel APIs will only accept authentication of API key in the Request Headers as mentioned in the section Using an API Key in Request Headers. If Sentinel APIs are called with API key in the URI as a query parameter after February 15, 2022, a 401 status code will be returned.