Filter API catalogue

The API catalogue can be filtered to reduce clutter and bring the actionable APIs into focus. Filtering the catalogue helps you identify APIs that pose a high level of threat and address them on priority.

The API catalogue can be filtered from the Catalogue Summary widgets and by using the Advanced filters located above the APIs List view.


Filtering the catalogue using a Summary widget sets the Advanced filters to the criteria of the legend or data you click on the widget.

Applying the Advanced filters on top of the criteria set by the widget filters the catalogue further.

For example, clicking Critical in the API Risk Distribution widget and setting the Advanced filter Privilege = Yes filters the catalogue to show Privileged APIs with a Critical Risk Score.


Advanced filters

Advanced filters can be used to filter APIs by their characteristics, methods, Risk Score, discovery period, and observation period. The catalogue can be filtered solely using Advanced filters.

Click the Filter icon at the top-right corner of the API listing to open the filters menu.

| Filter | Filtering action |
| --- | --- |
| Endpoint | APIs with the selected endpoint URLs. For example, GET /rest/user/change-password or GET /rest/admin/application-configuration. Select endpoint URLs or search for URLs by text strings. Use Precise Match if required. |
| Method | APIs that use the selected call methods (DELETE, GET, OPTIONS, POST, PUT, and TRACE) |
| Host | APIs with selected hostnames or IP addresses. For example, juice-shop:8000 or http-service:9000. Select hostnames or IP addresses or search for them by text strings. Use Precise Match if required. |
| Risk Score | APIs with the selected AppSentinels-assigned risk score (Critical, High, Medium, and Low) |
| Shadow | APIs that are Shadow APIs (select Yes) |
| Privilege | APIs that are Privileged APIs (select Yes) |
| Auth | APIs that use the selected authentication statuses (Yes, No, or Unknown) |
| Direction | APIs with the selected origin of the API request (Public or Internal) |
| Sensitive | APIs that deal with sensitive or PII data (select Yes) |
| New | APIs that have been discovered in the last seven days (select Yes) |
| Unused | APIs that have not been seen (observed) in the last 30 days (select Yes) |
| First Discovered From | New APIs seen with this date as the start date of the discovery period |
| First Discovered To | New APIs seen with this date as the end date of the discovery period |
| Last Observed From | APIs seen with this date as the start date of the observation period |
| Last Observed To | APIs seen with this date as the end date of the observation period |

Precise Match

Precise Match is a switch that filters the text string columns of the API catalogue by an exact match of the text you enter.

By default, the Precise Match switch is set to ON.