Objective
When Applications are merged together in Contrast, it's necessary to select one of the Apps as your "primary" Application. The merged group will then use the name of the primary throughout the Contrast UI. In some cases, this may not be the desired behaviour and you'd rather give your merged group of Apps a custom name, unrelated to its merged modules.
The following process provides a means of creating an empty Application which can be named as you wish and, when used as a primary App, will provide your group of merged Apps with your custom name.
Process
When creating a new Application, you will need to specify a name and a language, where language will represent the main language of that application, controlling which rules will be available in policy management. Language is one of: JAVA
, DOTNET
, DOTNET_CORE
, NODE
, RUBY
, PYTHON
, GO
, PHP
You can merge them, but probably shouldn’t, as you then can’t manage rules of the non-primary language modules.
Use the Contrast API:
The API call detailed below allows you to optionally specify a comma-separated value list of access groups the application should be added to, tags that should be added to the application, key/value pairs of application metadata, and the application code (displayed next to the application name in Contrast UI). Only application name and language are required:
curl -X POST \
https://your_teamserver/Contrast/api/ng/sca/organizations/$ORG_UUID/applications/create \
-H "Authorization: $AUTH_HEADER" \
-H "API-Key: $API_KEY" \
-H 'Accept: application/json' \
-H 'Content-type: application/json' \
-d '{"name": "$APPLICATION_NAME", "language": "$LANGUAGE", "appGroups": "list,of,eac,groups", "metadata": "key=value,pairs=of-app-metadata", "tags": "csv,list,of,app,tags", "code": "optional-app-code"}'
PowerShell Example:
$Uri="https://app.contrastsecurity.com/Contrast/api/ng/sca/organizations/$ORG_UUID/applications/create"
$Headers=@{"Authorization"="$AUTH_HEADER";"API-Key"="$API_KEY"}
$Body='{"name": "$APPLICATION_NAME", "language": "$LANGUAGE"}'
Invoke-RestMethod -Uri $Uri -Method POST -ContentType "application/json" -Headers $Headers -Body $Body