42Crunch · Capability

42Crunch API Security Scanning

Workflow capability for DevSecOps engineers and security teams running automated API conformance scans on Kubernetes. Combines scan job management and log retrieval into a unified interface for CI/CD pipeline integration, on-premises security testing, and runtime compliance validation.

Run with Naftiko API SecurityConformance ScanningKubernetesDevSecOpsCI/CD

What You Can Do

GET

List scans — List all active and completed API conformance scans

/v1/scans

POST

Run scan — Start a new API conformance scan job on Kubernetes

/v1/scans

GET

Get scan status — Get the current status of a specific API conformance scan

/v1/scans/{name}

DELETE

Cancel scan — Cancel and remove a specific API conformance scan job

/v1/scans/{name}

GET

Get scan logs — Retrieve execution logs from an API conformance scan

/v1/scans/{name}/logs

GET

Check health — Check the scan manager service health

/v1/health

MCP Tools

list-api-scans

List all API conformance scan jobs including their current status (started, active, succeeded, failed)

read-only

run-api-scan

Start a new 42Crunch API conformance scan job on Kubernetes using a scan token from the 42Crunch platform

get-scan-status

Get the current status of a specific API conformance scan job (started, active, succeeded, failed, unknown)

read-only

cancel-api-scan

Cancel and remove a specific API conformance scan job from the Kubernetes cluster

idempotent

get-scan-logs

Retrieve execution logs from an API conformance scan job to diagnose failures or review results

read-only

check-scanner-health

Check the health status of the 42Crunch scan manager service to verify availability

read-only

APIs Used

scand-manager