Get a new score, add a company to a portfolio
Because the best way to learn is doing, we compiled a few samples that show how to use our APIs for different example use cases.
Each of these comes from a public repository you're welcome to clone and play with.
In the following example we identify the default private portfolio, and then we add a company to that portfolio.
import os
import requests
import sys
token = os.getenv('SSC_API_TOKEN')
api_url = os.getenv('API_URL', 'https://api.securityscorecard.io')
headers = {
'Accept': 'application/json; charset=utf-8',
'Content-Type': 'application/json',
'Authorization': 'Token ' + token,
'cache-control': 'no-cache',
}
# get portfolios
url = api_url + '/portfolios'
response = requests.get(api_url + '/portfolios', headers=headers)
response.raise_for_status()
portfolios = response.json()['entries']
my_portfolio = [
item for item in portfolios
# My Portfolio is read_only and private
if 'readOnly' in item and item['readOnly'] == True and item['privacy'] == 'private'
][0]
# add google.com to the portfolio
url = api_url + '/portfolios/' + my_portfolio['id'] + '/companies/google.com'
response = requests.put(url, headers=headers)
response.raise_for_status()
# get scorecards in My Portfolio
url = api_url + '/portfolios/' + my_portfolio['id'] + '/companies'
response = requests.get(url, headers=headers)
response.raise_for_status()
scorecards = response.json()['entries']
# check google.com is in the portfolio
scorecard = [
item for item in scorecards
if item['domain'] == 'google.com'
]
assert len(scorecard) == 1, 'scorecard not found in the portfolio'
print ('google.com score is ' + str(scorecard[0]['score']))
const axios = require('axios');
const token = process.env.SSC_API_TOKEN;
const apiUrl = process.env.API_URL || 'https://api.securityscorecard.io';
const headers = {
'Accept': 'application/json; charset=utf-8',
'Content-Type': 'application/json',
'Authorization': 'Token ' + token,
'cache-control': 'no-cache',
};
(async() => {
try {
// Get portfolios
let response = await axios.get(`${apiUrl}/portfolios`, { headers });
const portfolios = response.data.entries;
const myPortfolio = portfolios.find(
(item) => item.readOnly === true && item.privacy === 'private'
);
if (!myPortfolio) {
throw new Error('My portfolio not found');
}
// Add google.com to the portfolio
response = await axios({
method: 'put',
url: `${apiUrl}/portfolios/${myPortfolio.id}/companies/google.com`,
headers
},
);
// Get scorecards in My Portfolio
response = await axios.get(
`${apiUrl}/portfolios/${myPortfolio.id}/companies`,
{ headers }
);
const scorecards = response.data.entries;
// Check google.com is in the portfolio
const scorecard = scorecards.find((item) => item.domain === 'google.com');
if (!scorecard) {
throw new Error('scorecard not found in the portfolio');
}
console.log(`google.com score is ${scorecard.score}`);
} catch (error) {
console.error('Error:', error);
process.exit(1);
}
})();
At the end of the example we assert that the company was truly added to the default private portfolio, and print the score.
Updated about 1 month ago