Command Line Interface (CLI)¶

Installation¶

The solidpoint-cli service can be installed using the following instructions.

Importaint

All commands in the instructions are run by a user with the administrator permissions.

GNU/LinuxDocker Compose

Add a repository. When adding it, you must enter a secret token to gain access.
```
curl -fsSL repo.solidpoint.net | sh -
```
Install the CLI using the package manager.
```
apt install solidpoint-cli
```
If multi-user mode is used, authenticate using the following command. Authentication is not required for single-user mode.
```
solidpoint-cli auth login -i
```

Download the distribution package. The distribution package is currently available upon request.

Run the command.

docker run --rm -it repo.solidpoint.net/solidpoint-cli

Environment variables¶

The solidpoint-cli service interacts with the environment variables listed in the table below. No default value is set for these variables, the values are set using the solidpoint-cli auth login command.

Environment variable	Description
`SOLIDPOINT_BASE_URL`	The URL of the server part to connect to. By default, it is suggested to use `https://cloud.solidpoint.net`
`SOLIDPOINT_TOKEN`	A personal access token that is created in the dashboard. It is used for authentication

Usage¶

The solidpoint-cli utility can be used as follows:

solidpoint-cli [flags]
solidpoint-cli [command]

The following commands are available:

Command	Description
`auth`	Authentication Management
`help`	Help for any command
`scan`	Manage scans
`scanner`	Manage scanners
`status`	CLI current status
`target`	Manage targets
`user`	Manage users

The following flags are available:

-h, --help — help for the solidpoint-cli utility.

`auth` command¶

The auth command allows to manage authentication. It can be used as follows:

solidpoint-cli auth [flags]
solidpoint-cli auth [command]

The following commands are available:

Command	Desсription
`login`	Logs in to the system.
`logout`	Logs out of the system.
`register`	Registers the user in the system.

The following commands are available:

-h, --help — help for the auth command.

`login` command¶

The login command is used to log in to the system.

Usage¶

solidpoint-cli auth login [flags]

Flags¶

Flags	Type	Description
`-b`, `--base-url`	string	SolidPoint instance URL
`-e`, `--email`	string	User email
`-h`, `--help`	-	Help for the `login` command
`-i`	-	Interactive mode
`-p`, `--password`	string	User password

Examples of usage¶

Login in the interactive mode:
```
solidpoint-cli auth login -i
```

Login without interactive mode:

solidpoint-cli auth login -b "https://cloud.solidpoint.net" -e "admin@solidpoint.local" -p "admin"

`logout` command¶

The logout command is used to log out of the system.

Usage¶

solidpoint-cli auth logout [flags]

Flags¶

-h, --help — help for the logout command.

`register` command¶

The register command is used to register the user in the system.

Usage¶

solidpoint-cli auth register [flags]

Flags¶

Flags	Type	Description
`-c`, `--company`	string	User company name
`-e`, `--email`	string	User email
`-h`, `--help`	-	Help for the `register` command
`-i`, `--interactive`	-	Interactive mode
`-n`, `--name string`	string	User name
`-o`, `--occupation string`	string	User occupation
`-p`, `--password`	string	User password
`-t`, `--tenant string`	string	Tenant name

Example of usage¶

Register in the interactive mode:
```
solidpoint-cli auth register -i
```

Register without interactive mode:

solidpoint-cli auth register -t "test" -e "user@test.ru" -p "testPassword" -n "testName" -c "testCompany" -o "testOccupation"

`help` command¶

The help command provides help for any application command. It can be used as follows:

solidpoint-cli help [command] [flags]

The following flags are available:

-h, --help — help for the help command.

`scan` command¶

The scan command allows to manage scans. It can be used as follows:

solidpoint-cli scan [flags]
solidpoint-cli scan [command]

The following commands are available:

Command	Desсription
`cancel`	Terminates the scan.
`new`	Starts a new scan.
`new-ci`	Starts a new scan for continuous integration.
`show-app-auth`	Provides information about the scanned application's authentication.
`status`	Displays the scan status.

The following flags are available:

-h, --help — help for the scan command.

`cancel` command¶

The cancel command terminates the scan.

Usage¶

solidpoint-cli scan cancel [scan_id] [flags]

Flags¶

-h, --help — help for the cancel command.

`new` command¶

The new command starts a new scan.

Usage¶

solidpoint-cli scan new [flags]

Flags¶

Flags	Type	Desсription
`-h`, `--help`	-	Help for the `new` command
`-m`, `--module`	strings	Scanning module
`-i`, `--targetID`	uint32	Target ID
`-u`, `--url`	string	The URL of the application being scanned

Examples of usage¶

Start scanning using the -i flag:
```
solidpoint-cli scan new -i 1
```

Start scanning using the -u flag:

solidpoint-cli scan new -u "http://test.test"

Start scanning with the specified modules:

solidpoint-cli scan new -u "http://test.test" -m "module-name-1" -m "module-name-2"

`new-ci` command¶

The new-ci command starts a new scan for continuous integration. The scan status is broadcasted in real time. The command terminates with a non-zero return code if at least one issue has been found.

Usage¶

solidpoint-cli scan new-ci [flags]

Flags¶

Flags	Type	Desсription
`-h`, `--help`	-	Help for the `new-ci` command
`-m`, `--module`	strings	Scanning module
`-s`, `--severity`	string	Severity level of the issue. If the specified value is detected, scan will be completed with an error. Valid values: `info`, `low`, `medium`, `high`, `critical`.
`-i`, `--targetID`	uint32	Target ID
`-u`, `--url`	string	The URL of the scanned application

Examples of usage¶

Start scanning using the -i flag:
```
solidpoint-cli scan new-ci -i 1
```

Start scanning using the -u flag:

solidpoint-cli scan new-ci -u "http://test.test"

Start scanning with a specified severity level value:

solidpoint-cli scan new-ci -u "http://test.test" -s [severity_value]

Start scanning for continuous integration with the specified modules:

solidpoint-cli scan new-ci -u "http://test.test" -m "module-name-1" -m "module-name-2"

`show-app-auth` command¶

The show-app-auth command shows information about the scanned application's authentication.

Usage¶

solidpoint-cli scan show-app-auth [scan_id] [flags]

Flags¶

-h, --help — help for the show-app-auth command.

Examples of usage¶

Request for authentication information (scan_id = 1):
```
solidpoint-cli scan show-app-auth 1
```

`status` command¶

The status command displays the scan status.

Usage¶

solidpoint-cli scan status [scan_id] [flags]

Flags¶

-d, --detailed — detailed description of issues.
-h, --help — help for the status command.

Examples of usage¶

Request for scan status (scan_id = 1):
```
solidpoint-cli scan status 1
```

`scanner` command¶

The scanner command allows to manage scanners. It can be used as follows:

solidpoint-cli scanner [flags]
solidpoint-cli scanner [command]

The following commands are available:

Command	Description
`new`	Creates new scanner
`info`	Shows information about scanner (parameters and modules)
`enable`	Enables scanner
`disable`	Disables scanner

The following flags are available:

-h, --help — help for the scanner command.

`new` command¶

The new command creates a new scanner.

Usage¶

solidpoint-cli scanner new [flags]

Flags¶

Flag	Type	Description
`-a`, `--address`	string	Specifies the address of the scanner
`-n`, `--name`	string	Specifies the name of the scanner
`-i`, `--interactive`	-	Allows to use the command interactively
`-h`, `--help`	-	Help for the `new` command

`info` command¶

The info command shows information about the scanner (parameters and modules).

Usage¶

solidpoint-cli scanner info [scanner_id] [flags]

Flags¶

-h, --help — help for the info command.

`enable` command¶

The enable command enables the scanner.

Usage¶

solidpoint-cli scanner enable [scanner_id] [flags]

Flags¶

-h, --help — help for the enable command.

`disable` command¶

The disable command disables the scanner.

Usage¶

solidpoint-cli scanner disable [scanner_id] [flags]

Flags¶

-h, --help — help for the disable command.

`status` command¶

The status command displays the current status of the CLI. It can be used as follows:

solidpoint-cli status [flags]

The following flags are available:

-h, --help — help for the scan command.

`target` command¶

The target command allows to manage targets. It can be used as follows:

solidpoint-cli target [flags]
solidpoint-cli target [command]

The following commands are available:

Command	Desсription
`clear-app-auth`	Deletes the authentication data of the target application.
`new`	Creates a new target.
`show-app-auth`	Shows information about the target application's authentication.
`update`	Updates a target or targets.

The following flags are available:

-h, --help — help for the target command.

`clear-app-auth` command¶

The clear-app-auth command deletes the authentication data for the target application.

Usage¶

solidpoint-cli target clear-app-auth [target_id] [flags]

Flags¶

-h, --help — help for the clear-app-auth command.

Examples of usage¶

Delete authentication data for the target application with target_id = 1 :
```
solidpoint-cli target clear-app-auth 1
```

`new` command¶

The new command creates a new target.

Usage¶

solidpoint-cli target new [flags]

Flags¶

Flags	Type	Description
`-d`, `--description`	string	Target description
`-h`, `--help`	-	Help for the `new` command
`-i`, `--interactive`	-	Interactive mode
`-n`, `--name string`	string	Target name
`-u`, `--url`	string	Target URL

Examples of usage¶

Create target in the interactive mode:
```
solidpoint-cli target new -i
```

Create target without interactive mode:

solidpoint-cli target new -u "target URL" -n "target name" -d "target description"

`show-app-auth` command¶

The show-app-auth command shows information about the target application's authentication.

Usage¶

solidpoint-cli target show-app-auth [target_id] [flags]

Flags¶

-h, --help — help for the show-app-auth command.

Examples of usage¶

Get information about the authentication of the target application with target_id = 1:
```
solidpoint-cli target show-app-auth 1
```

`update` command¶

The update command updates the target or targets.

Usage¶

solidpoint-cli target update [flags]
solidpoint-cli target update [command]

Commands¶

app-auth — updates the target application's authentication.

Use the following commands and the corresponding flags to select the desired authentication type and parameters for the app-auth command:

Command	Desсription	Flags
`cookies`	Updates authentication using cookies of the target application. The number of host names and cookies must be equal, an empty hostname means that the cookie contains the name of the target host. To pass a path it must be specified by the `hostname`: test.test + /test = test.test/test parameter. By default, this command rewrites all cookies. To add cookies, use the `-a` (`--add`) flag. The `-r` (`--rewrite`) flag rewrites all application authentication data using cookies only	`-a`, `--add` — add `-v`, `--cookie` string — cookie `-h`, `--help` — help for `cookies` `-n`, `--hostname` string — host name `-r`, `--rewrite` — rewrite
`headers`	Updates authentication using headers. The number of nodes and headers must be equal, an empty node means that the host node will be specified in the header. To pass a path, it must be specified by the `host`: test.test + /test = test.test/test OR test.test:5000 + /test = test.test:5000/test parameter. By default, this command rewrites all authentication headers of the target application. To add headers, use the `-a` (`--add`) flag. The `-r` (`--rewrite`) flag rewrites all application authentication data using headers only	`-a`, `--add` — add `-v`, `--header` string — header `-h`, `--help` — help for `headers` `-n`, `--hostname` string — host name `-r`, `--rewrite` — rewrite
`http-basic-auth`	Updates authentication using basic HTTP authentication. To add basic HTTP authentication, use the `-a` (`--add`) flag. The `-r` (`--rewrite`) flag rewrites all application authentication data using basic HTTP authentication only	`-a`, `--add` — add `-h`, `--help` — help for `http-basic-auth` `-r`, `--rewrite` — rewrite
`tls`	By default, this command rewrites the authentication of all target applications over the TLS protocol. To add TLS application authentication, use the `-a` (`--add`) flag. The `-r` (`--rewrite`) flag rewrites all application authentication data using only TLS application authentication	`-a`, `--add` — add; `-c`, `--certificate` string — certificate file; `-h`, `--help` — help for `tls`; `-k`, `--key` string — the key file `-r`, `--rewrite` — rewrite

Flags¶

-h, --help — help for the update command.

Examples of usage¶

ewrite or add cookies to authenticate the target application:

solidpoint-cli target update app-auth cookies 1 -v name=value

Add a cookie to authenticate the target application:

solidpoint-cli target update app-auth cookies 1 -a -v name2=value2

Rewrite or add a cookie to authenticate the target application with the host name:

solidpoint-cli target update app-auth cookies 1 -n test.test -v name=value

Rewrite or add a cookie to authenticate the target application, specifying the host and path:
```
solidpoint-cli target update app-auth cookies 1 -n test.test/test -v name=value
```

Rewrite or add a cookie to authenticate the target application with multiple hosts and paths:

solidpoint-cli target update app-auth cookies 1 -n test.test/test -v name=value -n test2.test/test -v name2=value2

Overwrite the authentication data of the target application using only cookies:
```
solidpoint-cli target update app-auth cookies 1 -r -v name=value
```

Rewrite or add authentication headers for the target application:

solidpoint-cli target update app-auth headers 1 -v Name=Value

Add authentication headers for the target application:

solidpoint-cli target update app-auth headers 1 -a -v Name2=Value2

Add authentication headers for the target application using host:

solidpoint-cli target update app-auth headers 1 -n test.test -v Name=Value

Add authentication headers for the target application specifying the node and path:

solidpoint-cli target update app-auth headers 1 -n test.test/test -v Name=Value

Add authentication headers for the target application specifying multiple nodes and paths:

solidpoint-cli target update app-auth headers 1 -n test.test/test -v Name=Value -n test2.test:5000/test -v Name2=Value2

Rewrite the authentication data of the target application using only headers:
```
solidpoint-cli target update app-auth headers 1 -r -v Name=Value
```

Rewrite or add basic HTTP authentication of the target application:
```
solidpoint-cli target update app-auth http-basic-auth 1
```

Add basic HTTP authentication of the target application:

solidpoint-cli target update app-auth http-basic-auth 1 -a

Rewrite the authentication data of the target application using only basic HTTP authentication:
```
solidpoint-cli target update app-auth http-basic-auth 1 -r
```

Rewrite or add TLS authentication of the target application:

solidpoint-cli target update app-auth tls 1 -c /path/to/cert/file.crt -k /path/to/key/file.key

Add TLS authentication of the target application:

solidpoint-cli target update app-auth tls 1 -a -c /path/to/cert/file.crt -k /path/to/key/file.key

Rewrite the authentication data of the target application using TLS only:

solidpoint-cli target update app-auth tls 1 -r -c /path/to/cert/file.crt -k /path/to/key/file.key

`user` command¶

The user command allows to manage users. It can be used as follows:

solidpoint-cli user [flags]
solidpoint-cli user [command]

The following commands are available:

Command	Desсription
`activate`	Activates a single user
`activate-all`	Activates all users
`list`	Displays a list of users

The following flags are available:

-h, --help — help for the user command.

`activate` command¶

Usage¶

solidpoint-cli user activate [flags]

Flags¶

Flags	Type	Desсription
`-h`, `--help`	-	Help for the `activate` command
`-i`, `--interactive`	-	Interactive input
`-r`, `--role`	string	Assigns users a role from the list: `user` (default), `admin`, `superAdmin`
`-t`, `--tenant`	string	Tenant ID or name (may be empty for the default tenant)
`-u`, `--user`	string	User's ID or email

Examples of usage¶

Interactive input:
```
solidpoint-cli user activate -i
```

User activation by ID:
```
solidpoint-cli user activate -u "1"
```

User activation by email:

solidpoint-cli user activate -u "user@test.ru"

Activation of a user by ID in a certain tenant with a certain role (tenant — test, role — admin):
```
solidpoint-cli user activate -u "1" -t "test" -r "admin"
```

Activation of a user by email in a certain tenant with a certain role (tenant — test, role — admin):
```
solidpoint-cli user activate -u "user@test.ru" -t "test" -r "admin"
```

`activate-all` command¶

All users in all tenants will be activated if the tenant is not specified or is empty. If the tenant does not have a name by default and it is necessary to activate all users in it, the ID should be specified.

All users in a particular tenant will be activated if the tenant is specified or is not empty.

Usage¶

solidpoint-cli user activate-all [flags]

Flags¶

Flags	Desсription
`-h`, `--help`	Help for the `activate-all` command
`-i`, `--interactive`	Interactive input
`-r`, `--role string`	Assigns users a role from the list: `user` (default), `admin`, `superAdmin`
`-t`, `--tenant string`	Tenant ID or name (may be empty for the default tenant)

Examples of usage¶

Interactive input:
```
solidpoint-cli user activate-all -i
```

Activation of all users in all tenants:
```
solidpoint-cli user activate-all
```

Activation of all users in the tenant by default:
```
solidpoint-cli user activate-all -t "1"
```

Activation of all users in a certain tenant (tenant — test):
```
solidpoint-cli user activate-all -t "test"
```

Activation of all users in a certain tenant with a certain role (tenant — test, role — user):
```
solidpoint-cli user activate-all -t "test" -r "user"
```

`list` command¶

Usage¶

solidpoint-cli user list [flags]

Flags¶

Flags	Desсription
`-h`, `--help`	Help for the `list` command
`-r`, `--role string`	User role from the list: `user`, `admin`, `superAdmin`, `unknown`
`-t`, `--tenant string`	Tenant's ID or name

Examples of usage¶

List of all users in all tenants:
```
solidpoint-cli user list
```

A list of all users with a defined role (role — unknown):
```
solidpoint-cli user list -r "unknown"
```

A list of all users in a certain tenant (tenant — test):
```
solidpoint-cli user list -t "test"
```

A list of all users in a certain tenant with a certain role (tenant — test, role — unknown):
```
solidpoint-cli user list -t "test" -r "unknown"
```

Command Line Interface (CLI)¶

Installation¶

Environment variables¶

Usage¶

auth command¶

login command¶

Usage¶

Flags¶

Examples of usage¶

logout command¶

Usage¶

Flags¶

register command¶

Usage¶

Flags¶

Example of usage¶

help command¶

scan command¶

cancel command¶

Usage¶

Flags¶

new command¶

Usage¶

Flags¶

Examples of usage¶

new-ci command¶

Usage¶

Flags¶

Examples of usage¶

show-app-auth command¶

Usage¶

Flags¶

Examples of usage¶

status command¶

Usage¶

Flags¶

Examples of usage¶

scanner command¶

new command¶

Usage¶

Flags¶

info command¶

Usage¶

Flags¶

enable command¶

Usage¶

Flags¶

disable command¶

Usage¶

Flags¶

status command¶

target command¶

clear-app-auth command¶

Usage¶

Flags¶

Examples of usage¶

new command¶

Usage¶

Flags¶

Examples of usage¶

show-app-auth command¶

Usage¶

Flags¶

Examples of usage¶

update command¶

Usage¶

Commands¶

Flags¶

Examples of usage¶

user command¶

activate command¶

Usage¶

Flags¶

Examples of usage¶

activate-all command¶

Usage¶

Flags¶

Examples of usage¶

list command¶

Usage¶

`auth` command¶

`login` command¶

`logout` command¶

`register` command¶

`help` command¶

`scan` command¶

`cancel` command¶

`new` command¶

`new-ci` command¶

`show-app-auth` command¶

`status` command¶

`scanner` command¶

`new` command¶

`info` command¶

`enable` command¶

`disable` command¶

`status` command¶

`target` command¶

`clear-app-auth` command¶

`new` command¶

`show-app-auth` command¶

`update` command¶

`user` command¶

`activate` command¶

`activate-all` command¶

`list` command¶