Overview
The Web Security Checker APIs are provided in the RESTful form, and to call the provided APIs, you need to create a Sub Account and access key.
Common attributes
API
| Service | API | Method | Request URI |
|---|---|---|---|
| Web Security Checker | getJobs | GET | https://wsc.apigw.ntruss.com/api/v1/jobs |
| Web Security Checker | searchJobs | POST | https://wsc.apigw.ntruss.com/api/v1/jobs/search |
| Web Security Checker | cancelJob | PATCH | https://wsc.apigw.ntruss.com/api/v1/jobs/{instanceId}/cancel |
| Web Security Checker | stopJob | PATCH | https://wsc.apigw.ntruss.com/api/v1/jobs/{instanceId}/stop |
| Web Security Checker | getReport | GET | https://wsc.apigw.ntruss.com/api/v1/jobs/report |
| Web Security Checker | createJob | PUT | https://wsc.apigw.ntruss.com/api/v1/job |
Request headers
The following table lists the request headers for IAM authentication.
| Header name | Description |
|---|---|
x-ncp-apigw-timestamp |
This is the number of milliseconds that have elapsed since January 1, 1970 00:00:00 UTC. Request is considered invalid if the timestamp differs from the current time by more than 5 minutes. |
x-ncp-iam-access-key |
Access key issued on NAVER Cloud Platform IAM |
x-ncp-apigw-signature-v2 |
Signature signed by the secret key that matches the access key in the request path and headers HmacSHA256 is used for the HMAC encryption algorithm. |
Content-Type |
Specify the request body content type to application/json. |
Common errors
| HTTP response code | ErrorCode | ErrorMessage |
|---|---|---|
| 400 | 100 | Bad Request Exception |
| 401 | 200 | Authentication Failed |
| 401 | 210 | Permission Denied |
| 404 | 300 | Not Found Exception |
| 429 | 400 | Quota Exceeded |
| 429 | 410 | Throttle Limited |
| 429 | 420 | Rate Limited |
| 413 | 430 | Request Entity Too Large |
| 503 | 500 | Endpoint Error |
| 504 | 510 | Endpoint Timeout |
| 500 | 900 | Unexpected Error |
Service error
| HTTP response code | Error | message | Description |
|---|---|---|---|
| 200 | 0 | success | Succeeded |
| 200 | 901 | API Call Fail | If it's temporarily unavailable and the error persists, contact Support > Contact us. |
| 200 | 169201 | Auth Check Error | No permissions |
| 200 | 169202 | User Check Error | Failed to verify customer account information, need to contact customer for verification. |
| 200 | 160331 | ActionURL Check Error | HTTP or HTTPS entered in the action URL. |
| 200 | 160332 | Param Check Error | Input value has an unacceptable value, special characters are restricted for the ID param/PW param value. |
| 200 | 160351 | Login_Check_Fail | An error occurred during the login process and you need to double-check your login information and try again, or enter cookies manually. |
| 200 | 160353 | URL Connection Error | Failed to connect to the entered action URL |
| 200 | 160431 | Param Check Error | Input value has an unacceptable value. |
| 200 | 160432 | Param Check Null | Input value has a missing value. |
| 200 | 160433 | Param Value Not Define | Input value has an undefined value. |
| 200 | 160441 | DB Execute Query Error | An error occurred while processing scan job registration, need to try again later. |
| 200 | 160451 | Assets_Check_Fail | It is not the customer's NAVER Cloud Platform server and only diagnostics of customer-owned NAVER Cloud Platform assets are available. |
| 200 | 160452 | Queue_Full | For the selected schedule, the reservation is full and need to select a different one. |
| 200 | 160453 | Already_Exists | You can't perform vulnerability scanning for one target at the same time, and the currently set scan target is pending scanning, so you need to check the “Scan Status/Results” menu at the top of the page. |
| 200 | 160454 | TooMany_Insert | Too many jobs pending and need to be added after scans run. |
| 200 | 160455 | ReScan Create failed | The target's domain and IP must be the same as the initial diagnosis to qualify for a re-diagnostic, and only three times within 60 days of the end of the initial diagnostic. |
| 200 | 160456 | Managed Service agree chk failed | Consent information for third-party web server diagnostics is unavailable and available after consent is given. |
| 200 | 160457 | Managed Service file chk failed | Failed to check files required for third-party web server diagnostics and need to proceed to step 2 of the third-party web server diagnostics instructions pop-up. |
| 200 | 160701 | Open period expired | Diagnostic reports are available for 1 year. |
| 200 | 160842 | DB Matcing Data 0 | There are no targets to cancel, and bulk cancel can only cancel reserved and pending jobs. |
| 200 | 165244 | DB Data Record CNT Not Matching | Requested instanceNo list and number of DB query records are different. |