-
Notifications
You must be signed in to change notification settings - Fork 2
ApiDetails
ZAP provides a REST Application Programming Interface (API) which allows you to interact with ZAP programmatically.
The REST API can be accessed directly or via one of the client implementations detailed below.
It is documented briefly in the ZAP user guide, but there is more information here on the wiki.
A set of wiki pages which lists all of the available functionality is generated by the code and is available here: ApiGen_Index
In order to be able to use the API when using the ZAP UI you have to first enable it. You can do this via the Options API screen:
- Tools / Options... / API
If you run ZAP in 'headless' or 'daemon' mode (by starting ZAP via the command line and using the -daemon flag) then the API will be automatically enabled.
The ZAP API is particularly useful for Security Regression Tests.
A summary of the clients available:
| Language | Download links | Notes |
|---|---|---|
| Java | SourceForge | Official API |
| Python | SourceForge PyPI | Official API |
| Node.js | NPM | In process of becoming an official API |
| PHP | GitHub Packagist | In process of becoming an official API |
| Ruby | GitHub | |
| Ruby | GitHub |
More details about the API are available in these pages: