If you have a Single-Page Application that makes XHRs to an API, Probely will seamless follow those requests and scan the API endpoints.
If on the other hand your API is used by your customers in order to integrate with your product, you will most likely have a standalone API.
The main different between the two use-cases lays in the crawler, which for the latter case doesn’t need to navigate a web application. Instead, an API schema file is parsed, therefore the coverage is complete.
We support APIs defined by an Open/API / Swagger schema file.
Schema file URL
Instead of having to upload a new schema file every time the API changes, you can define the the schema file URL and a new version will be fetched before each scan.
Probely supports the case where your API requires an authentication token for all requests, which is retrieved beforehand, on an authentication endpoint.
You can set custom values for the attributes used in your schema file.