Get a new score, add a company to a portfolio
Because the best way to learn is doing, we compiled a few samples that show how to use our APIs for different example use cases.
Each of these comes from a public repository you're welcome to clone and play with.
In the following example we identify the default private portfolio, and then we add a company to that portfolio.
import os
import requests
import sys
token = os.getenv('SSC_API_TOKEN')
api_url = os.getenv('API_URL', 'https://api.securityscorecard.io')
headers = {
'Accept': 'application/json; charset=utf-8',
'Content-Type': 'application/json',
'Authorization': 'Token ' + token,
'cache-control': 'no-cache',
}
# get portfolios
url = api_url + '/portfolios'
response = requests.get(api_url + '/portfolios', headers=headers)
response.raise_for_status()
portfolios = response.json()['entries']
my_portfolio = [
item for item in portfolios
# My Portfolio is read_only and private
if 'readOnly' in item and item['readOnly'] == True and item['privacy'] == 'private'
][0]
# add google.com to the portfolio
url = api_url + '/portfolios/' + my_portfolio['id'] + '/companies/google.com'
response = requests.put(url, headers=headers)
response.raise_for_status()
# get scorecards in My Portfolio
url = api_url + '/portfolios/' + my_portfolio['id'] + '/companies'
response = requests.get(url, headers=headers)
response.raise_for_status()
scorecards = response.json()['entries']
# check google.com is in the portfolio
scorecard = [
item for item in scorecards
if item['domain'] == 'google.com'
]
assert len(scorecard) == 1, 'scorecard not found in the portfolio'
print ('google.com score is ' + str(scorecard[0]['score']))
const axios = require('axios');
const token = process.env.SSC_API_TOKEN;
const apiUrl = process.env.API_URL || 'https://api.securityscorecard.io';
const headers = {
'Accept': 'application/json; charset=utf-8',
'Content-Type': 'application/json',
'Authorization': 'Token ' + token,
'cache-control': 'no-cache',
};
(async() => {
try {
// Get portfolios
let response = await axios.get(`${apiUrl}/portfolios`, { headers });
const portfolios = response.data.entries;
const myPortfolio = portfolios.find(
(item) => item.readOnly === true && item.privacy === 'private'
);
if (!myPortfolio) {
throw new Error('My portfolio not found');
}
// Add google.com to the portfolio
response = await axios({
method: 'put',
url: `${apiUrl}/portfolios/${myPortfolio.id}/companies/google.com`,
headers
},
);
// Get scorecards in My Portfolio
response = await axios.get(
`${apiUrl}/portfolios/${myPortfolio.id}/companies`,
{ headers }
);
const scorecards = response.data.entries;
// Check google.com is in the portfolio
const scorecard = scorecards.find((item) => item.domain === 'google.com');
if (!scorecard) {
throw new Error('scorecard not found in the portfolio');
}
console.log(`google.com score is ${scorecard.score}`);
} catch (error) {
console.error('Error:', error);
process.exit(1);
}
})();
At the end of the example we assert that the company was truly added to the default private portfolio, and print the score.
Updated 29 days ago
Did this page help you?