APIsentry Documentation

Create Project

Creating and Securing Your Project with API Sentry

API Sentry offers comprehensive protection for your API applications, regardless of the number of API endpoints, source code repositories, or environments. Follow these steps to create a project on API Sentry and secure your application:


Step 1: Create Project Details

  • Manual Process:

    • Provide a project name and description.

    • Proceed to upload Postman or OpenAPI documentation in Step 2.

  • Automatic Process (with Postman):

    • Enter your Postman API key and UID.

    • API Sentry automatically imports and updates your API collection from Postman whenever new endpoints are added.

Note: The project name and description can be any text or numerals that help you easily identify and manage your projects.


Step 2: Upload API Documentation

  • Manual Process:

    • Upload a Postman collection or an OpenAPI JSON file.

    • Select the appropriate collection type and version to ensure complete API endpoint extraction.

FAQ:

  • Incomplete Documentation? No worries! API Sentry's AI can discover ghost, orphaned, or shadow APIs. Upload your current version, and we'll do the rest.

  • Invalid JSON or Upload Failure? API Sentry validates your documentation to ensure compliance with industry standards. If issues are detected or if the file exceeds 50MB, the upload will fail. You'll need to fix the file or contact support for assistance.
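
A local pre-flight check for the failure cases listed above (invalid JSON, oversized file, unclear collection type or version), run before uploading. This is an added example, not API Sentry's own validator. Assumptions: the function name `preflight` and the sample inputs are constructed for illustration, "50MB" is read in its stricter decimal sense, and type detection relies on the standard `openapi`/`swagger` keys and the Postman collection `info.schema` URL.

```python
import json
import sys

# Assumption: the page's "50MB" is read in its stricter decimal sense.
MAX_BYTES = 50 * 1000 * 1000

# Constructed sample inputs (not real project files).
OPENAPI_SAMPLE = b'{"openapi": "3.0.3", "info": {"title": "demo", "version": "1"}, "paths": {"/users": {"get": {}}}}'
POSTMAN_SAMPLE = (b'{"info": {"name": "demo", "schema": '
                  b'"https://schema.getpostman.com/json/collection/v2.1.0/collection.json"}, '
                  b'"item": [{"name": "list users"}]}')
TRUNCATED_SAMPLE = b'{"openapi": "3.0.3", "paths": {'


def preflight(raw, max_bytes=MAX_BYTES):
    """Check size, JSON validity, document type/version and endpoint presence."""
    report = {"ok": False, "type": None, "version": None, "problems": []}
    if len(raw) > max_bytes:
        report["problems"].append(f"{len(raw)} bytes exceeds the {max_bytes}-byte limit")
    try:
        doc = json.loads(raw.decode("utf-8-sig"))  # utf-8-sig tolerates a BOM
    except ValueError as exc:  # covers UnicodeDecodeError and JSONDecodeError
        report["problems"].append(f"not valid UTF-8 JSON: {exc}")
        return report
    if not isinstance(doc, dict):
        report["problems"].append("top-level JSON value is not an object")
        return report
    info = doc.get("info") if isinstance(doc.get("info"), dict) else {}
    schema = str(info.get("schema", ""))
    if "openapi" in doc:            # OpenAPI 3.x carries its version here
        report["type"], report["version"], key = "openapi", str(doc["openapi"]), "paths"
    elif "swagger" in doc:          # Swagger / OpenAPI 2.0
        report["type"], report["version"], key = "swagger", str(doc["swagger"]), "paths"
    elif "getpostman.com" in schema and "/collection/" in schema:
        version = schema.split("/collection/")[1].split("/")[0]   # e.g. "v2.1.0"
        report["type"], report["version"], key = "postman", version, "item"
    else:
        report["problems"].append("neither an OpenAPI/Swagger document nor a Postman collection")
        return report
    if not doc.get(key):
        report["problems"].append(f"no '{key}' entries, so no endpoints to extract")
    report["ok"] = not report["problems"]
    return report


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, preflight(fh.read()))
```

The reported type and version are the values to select in the upload form; a file with an empty `paths` or `item` section parses cleanly but gives the extractor nothing to work with.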


Step 3: Configure Environment

Environments are the host URLs of your application environments (e.g., production, staging, development). Proper environment configuration is crucial for:

  • Forwarding safe traffic to your application after threat analysis.

  • Running dynamic scans and performance tests in the correct environment.

You can select the desired environment for each scan or test.


Step 4: Configure GitHub (Optional)

To enable source code review, connect your GitHub account:

  • Click the connection button, which redirects you to GitHub for installation.

  • Install API Sentry AI on the repositories you wish to scan.

  • After installation, you’ll be redirected back to the project creation wizard.

This step is optional but highly recommended for enhanced security analysis.


Step 5: Set Up Proxy Server (Optional)

For those who require a dedicated proxy server, API Sentry offers two options:

  1. Self-Managed Proxy Setup:

    • Contact your account officer for the AWS image link.

    • Set up an Ubuntu server, install Docker, download the AWS image, and run the container.

    • Configure your existing proxies or load balancers to forward or mirror requests to the API Sentry AI proxy.

  2. API Sentry Managed Proxy:

    • Use our pre-configured proxy server by sending or mirroring requests to: https://proxy.apisentry.ai?project_id={your_project_id}.

    • All requests will be scanned for malicious activity. Depending on your WAF mode, API Sentry will either forward the requests to your server or log them for monitoring.

Once set up, all traffic will be visible on the Real-Time Threat Monitoring page, where you can also track recent abuse on your APIs.


Last updated 9 months ago