Skip to main content

Manage your API catalog

This document is for Invicti Platform

Feature availability

This feature is available with Invicti API Security Standalone or Bundle

This document explains what information is available on the API catalog page and how to hide or delete API specs from your API catalog.

Access requirements

Access to API Security in Invicti Platform requires either an Administrator, Owner, Security Analyst, Security Manager role, or a custom role with the API Security permission.

View the API catalog

After importing or discovering APIs, you can view all your API specifications and endpoints on the API catalog page. Select Inventory > API catalog from the left-side menu.

You are presented with a table of discovered or imported APIs. To read more about the columns, refer to the API catalog table columns section of the API catalog overview document.

API catalog page showing table of discovered and imported APIs with their details

Hide discovered APIs

If you decide a discovered API is irrelevant and you don't want to scan it, you can hide it from your API catalog.

Important

Hiding an API removes it from the attached target and permanently deletes all associated statistics. To get the most up-to-date stats, this API needs to be linked back to a target.

Any found vulnerabilities are kept and can be viewed via the vulnerabilities page.

To hide an API in your API catalog:

  1. Select Inventory > API catalog from the left-side menu.
  2. Click the three-dot menu (⋮) to the right of the API you want to hide, then select Hide API.
Three dots menu showing Hide API option for managing API visibility
  1. Select Hide API to confirm the action.
Three dots menu showing Hide API option for managing API visibility
  1. The API is now hidden.

Delete an API

If you want to completely remove an API from your API catalog you can choose to delete it. However, if the source of the API is enabled (for example, a MuleSoft integration), the deleted API might reappear in your API catalog the next time the source synchronizes. In this situation, you may prefer to hide the API instead so that it is ignored each time a source synchronization occurs.

Warning

Deleting an API permanently removes all associated statistics and the action cannot be undone.

To delete an API from your API catalog follow these steps:

  1. Select Inventory > API catalog from the left-side menu.
  2. Click the three-dot menu (⋮) to the right of the API you want to delete, then select Delete API.
Three dots menu showing Delete API option for permanently removing APIs from catalog
  1. Select Delete API to confirm the action.
Pop up message showing warning for permanently removing APIs from catalog

The API and all associated statistics are now deleted and the API is no longer visible in your API catalog.

For other API related documentation, refer to the following documentation:

Need help?

The Support team is ready to provide you with technical help. Go to Help Center

Was this page useful?