Effective January 31, 2022, Sentinel APIs will only accept authentication of API key in the Request Headers as mentioned in the section Using an API Key in Request Headers. If Sentinel APIs are called with API key in the URI as a query parameter after January 31, 2022, a 401 status code will be returned. 

A new parameter option has been added to the Findings API v2.0 and the API documentation has been updated to reflect this. The new parameter option is called descAndSolution and can be defined in the fields parameter. Using the new parameter option, users can now fetch a description and solution for their findings.

Effective January 31, 2022, Sentinel APIs will only accept authentication of API key in the Request Headers as mentioned in the section Using an API Key in Request Headers in https://apidocs.whitehatsec.com/whs/docs/authentication. If Sentinel APIs are called with API key in the URI as a query parameter after January 31, 2022, a 401 status code will be returned.

A new field has been added to a Sentinel API response for the Appliances API v2.0. The new field is called serverConfAssetCount and it is a response to GET /api/appliances. The new field returns the number of Hostnames that are hosted on the given appliances. The maximum amount of hosts that can be supported on a single appliance is 250. Once the count reaches 250, the appliance will not support asset onboarding.

Effective January 31, 2022, Sentinel APIs will only accept authentication of API key in the Request Headers as mentioned in the section Using an API Key in Request Headers in https://apidocs.whitehatsec.com/whs/docs/authentication . If Sentinel APIs are called with API key in the URI as a query parameter after January 31, 2022, a 401 status code will be returned.

An additional validation has been added to PUT requests and is required for the following API: api//site//site_credentials/<CREDS_ID>.

Three new operations have been added to the API reference Asset Onboarding Workflows API v2.0. The new operations are:

Firstly, the Assets API v2.0 previously had several missing display fields. These have now been added and the API documentation updated to reflect this. Below are a list of the added fields:

Asset type filtering and parameter descriptions have been updated to include Site, Application, Mobile, and API asset types for the following API calls:

Support has been added for token-based authentication when checking out artifacts from git repositories. An auth_type=token and a token field have also been introduced. For any issues or for further support Contact Us.