API Endpoints

An API Endpoint is a specific URL or address that clients or external systems use to interact with your application. It receives requests and sends responses, enabling data exchange and communication between applications. Traceable monitors the API endpoints within your application ecosystem for activities, vulnerabilities, security risks, and performance. The API Endpoints tab in the Inventory page provides this information for all the APIs discovered, learned, or under learning. By default, the tab lists all learned APIs from your application. You can use this information to optimize and secure your APIs according to your requirements.

The summary section on this tab lists the number of:

• Internal and external APIs discovered. Traceable classifies these APIs in one of the following ways:

  • Identifying the IP address involved in the API interaction as private or public.

  • You labelling the API as External or Internal. For more information on managing labels, see Additional Features.

• Unauthenticated APIs

• APIs at risk. This number indicates the APIs having high or critical risk scores.

• Number of updated APIs. This number indicates the APIs updated in the last 1 day.

The tab also lists the following:

• API names

• The datatypes found in each API

• The risk score associated with the API

• The number of calls to the APIs in the last 24 hours

• The time at which the API was last called

Traceable lists the above details for All Environments by default. You can view these details for a specific environment by selecting it from the Environments drop-down in the page’s top right corner. You can also filter the data shown on the page according to your requirements. The following section explains these filters and how to use them.

Filters

The API Endpoints tab provides multiple filters that you can use to fine-tune the results displayed on the page. You can open the filter pane by clicking on the Filter () icon in the tab’s left top corner. The pane shows the following tabs:

• Filters — This is the list of filters available for you.

• Saved — This is the list of filters that you have saved for later use.

• Recent — This is the list of recently applied filters.

You can apply filters based on the following categories:

• Security Posture — This category lists filters to view APIs based on sensitive datatypes, datasets, authentications, risk categories, etc.

• API Definition — This category lists filters to view APIs based on authentication types, encryptions, creation time, labels, domain names, etc.

• Traceable — These are Traceable’s custom filters to view APIs based on whether they are learned, their discovery state, etc.

• Deployment — This category lists filters to view APIs based on the environment and service.

• API Ownership — This category lists filters to view APIs based on their ownership across various functions, such as developers and quality assurance.

Example — Let us say you want to view the APIs called in the past 3 days. The following demo shows how you can do this.

You can follow steps similar to the above demo to add multiple filters. You can also remove a filter by hovering over it and clicking the X icon.

Traceable also allows you to do the following:

• Save filters for later use — You can save any applied filters (one or multiple) according to your requirements and use them later. Traceable shows them in the Saved tab of the Filters pane. To save the filters, complete the following steps:

  • Click Save in the top right corner of the summary section.

  • Specify the Name of the filter.

  • Click Save.

• Clear all filters at once — You can clear all filters at once by clicking Clear in the top right corner of the summary section.

Additional Features

Apart from the above features, you can also do the following:

• Group data — You can use the Group By drop-down to group the data displayed in the page according to certain attributes such as auth types and labels.

• Hide visualizations — You can hide the visualizations displayed in the Summary bar by clicking on the Visualizations () icon shown in the top right corner of the API Endpoints tab.

• Download data — You can download the data shown on the page by clicking on the Download () icon shown in the top right corner of the API Endpoints tab. While downloading the data, you can also specify the number of rows you want to download.

• Add or remove columns — While Traceable shows columns by default on the page, you can add or remove them according to your requirements. Traceable provides various columns for you to choose from. To add or remove columns, do the following:

  1. Click the Ellipse () icon shown in the top right corner of the API Endpoints tab.

  2. Click Edit Columns.

  3. In the Edit Columns pop-up, select or deselect the columns that you want to add or remove. Optionally, you can also reset the page to the default setting by clicking Reset to default.

     Note

     All columns except Name can be removed.

  4. Click Apply.

  Traceable shows the updated column setting on the page.

• Manage Labels added to APIs — You can do the following to one or more APIs according to your requirements:

  • Add labels

    Note

    You can add up to 32 labels to an API.

  • Replace existing labels with new ones

  • Remove labels

  To do this, complete the following steps:

  

  1. Click the checkbox corresponding to the APIs where you want to manage labels.

  2. At the bottom of the page, click Manage Labels.

  3. In the Manage Labels pop-up, select the checkbox corresponding to the labels you want to manage. You can also create a new label by specifying the label name in the Search or create field and clicking on + Create <label name>.

  4. Click the arrow icon corresponding to Add selected labels and select the option according to your requirements.