What is API discovery?
API discovery is the process of identifying and cataloging the APIs available on a server or within an application.
API discovery helps create a comprehensive inventory of an organization’s internal and external API assets by identifying both existing and newly deployed APIs.
It enables development teams to identify, locate, manage, and monitor their organization’s APIs, including previously missed or unknown ones.
How do I get server APIs on my Beagle Security dashboard?
With Beagle Security, you can now seamlessly discover APIs from your server right from the dashboard, eliminating the need for any external tools.
All discovered APIs that can be included in the test are displayed on the Beagle Security dashboard. From here, you can map the APIs to run the tests.
This document provides detailed insights into API discovery and guides you through its configuration process.
Follow the steps outlined to streamline the API discovery process:
Log into your Beagle Security dashboard and proceed to the settings
Select API Discovery from the left menu bar; this is where the API configuration process starts
Click on the ‘+’ to create a new profile
Upon clicking, you can see a pop-up button to create the profile
NB: There are two discovery types available: Istio mirroring and Kubernetes
Select a discovery type
Give the profile name and save
NB: Configuration will be available only once you save it
When choosing Kubernetes
Select Kubernetes, give your profile name and save
Configuration is now starting, and a command will appear on the screen in the meantime.
NB: To begin the discovery process, run this command on the machine with access to the cluster.
Copy the command from the screen
Paste and apply in the Kubernetes environment
The command will automatically run in the environment
Then, you can view all the discovered APIs on the Beagle Security dashboard.
From here, the first level of verification happens for the discovered APIs. They can then be mapped to the application and included in the tests.
By clicking on the map to the application button, you can map the APIs to the needed applications
Next, click on the Go to inventory button
The discovered APIs associated with the application will appear here.
Every discovered API will automatically appear here by default. All listed APIs will undergo testing unless specifically excluded.
What is API inventory and how can you view it?
The API inventory is the area where the discovered APIs that are mapped to the application are shown. This list contains all the APIs, both existing and newly discovered, that are available for vulnerability scanning. All these APIs will be included in the test unless explicitly excluded.
The API inventory list shows:
API URL
Request Method
Request Headers
Request Body
Parameters
Making changes to the discovered APIs
You can make changes to the discovered APIs. This is a very simple process.
Select the API you want to edit and click the import to APIs button on the right side of the screen
Now it will be imported to the REST API, and you can make the needed changes.
When choosing Istio
Select Istio, give a profile name and save
Configuration is now starting, and a command will be displayed on the screen in the meantime.
Copy each command individually and paste them one by one into a terminal that has access to the Istio cluster.
There will be two commands here.
In the first command, make sure to activate the listener for capturing APIs, if it is not already enabled. This step is crucial for ensuring that all relevant API interactions are monitored and recorded.
In the second command, the listener runs the process of directing the APIs to the Beagle dashboard. It is like an application deployment.
Then, you can view all the discovered APIs on the Beagle Security dashboard.
Click on the Go to inventory button. The APIs that have been discovered, associated with the application, and included for testing will appear in this list.