API Use Cases

Includes practical uses for our API.

The pages in this book describe how you can work with the Cobalt platform using our API.

Introducing the Cobalt API

The Cobalt RESTful API gives you access to your assets, pentests, findings, and more. With our API, you can integrate Cobalt into your development and application security workflows—and automate your pentest processes.

Here are some examples of how you can scale your workflows:

  • Retrieve findings that our pentesters discovered during a pentest.
  • Pull findings into your security dashboard to perform a holistic internal analysis.
  • Integrate findings into your data visualization tool for a comprehensive view of your vulnerability and application landscape.
API Documentation

Read our comprehensive API documentation to learn how to send specific API requests and view examples.

Go to API Docs

This document assumes that you can run curl in a command line on your system. You can also set up the REST calls in this book in other API clients such as Postman or Insomnia.

If you run curl from the command line, we recommend that you use the jq command line JSON processor to format output.

Format JSON Responses

Without the | jq., you may have output that looks like:


If you add a | jq . to the end of your REST call, you may find it easier to read the output:

  "pagination": {
    "next_page": null,
    "prev_page": null
  "data": [
      "resource": {
        "id": "YOUR-ORG-ID",
        "name": "ORG-NAME",
        "token": "YOUR-V2-ORGANIZATION-TOKEN"
      "links": {
        "ui": {
          "url": "URL-WITH-YOUR-PENTESTS"

For your convenience, we include | jq . in all of our sample REST calls that provide actual output.

Create or Modify an Asset

Run this sequence of REST calls to create an asset.

Was this page helpful?

Yes No Create an Issue

Last modified March.03.2023