Organizations are used to share your API Targets and Run results with other users. You may belong to any number of Organizations. As an Organization owner, you can invite others to join you and create service accounts to integrate Mayhem for API into your DevOps pipeline.
When you sign up, you will be prompted to create a new Organization. You will be the Owner of this Organization.
Organization members may have one of the following roles:
Owner: Organization Owners have full control over Organizations and Members.
Member: Organization Members may create API Targets and view Job results, but may not manage other members.
| Permission | Owner | Member |
|---|---|---|
| Create organization invitation | ✔ | X |
| Remove member | ✔ | X ( ✔ can remove self ) |
| Create Service Accounts | ✔ | X |
| Update API Target | ✔ | ✔ |
| Change member role | ✔ | ✔ |
You can change the roles of Organization members with the mapi organization set-role command.
Organization Owners can create a new invitation with the mapi organization invite command using the name of their Organization.
Invitations are only valid for one claim and will expire after two days by default. You can extend the number of claims and the duration with the --max-claims and --expiration-min options respectively. For example:
mapi organization invite --max-claims 5 --expiration-min 2880 my-organization
This will present you with a message that you can send to whomever you would like to invite to your Organization via Email/Slack/SMS/etc:
A new invitation has been created for organization <your-organization>>! Up to 1 user(s) can join the organization by going to 'https://mayhem4api.forallsecure.com/join/uGb79...'. The invitation link is valid for 1 day.
Anyone that accepts your invite will join with the
Organization owners may create service accounts for accessing the API as part of automation to avoid using API Tokens from individual accounts. You may create as many service accounts as you require in your organization.
Service accounts do not count toward developer count for the purpose of billing.
To create a new service account, use the mapi organization service-account create command:
mapi organization service-account create <my-organization> <service-account-name>
The service account will be added to your organization, and an API token will be presented once. You must record this token as it will not be shown again.
New Service Account named '<service-account-name>' created! A new API token has been created. SWOJg... You can use this token in the environment variable, MAPI_TOKEN, to access the API Fuzzer API as the Service Account. We will not display this value again.
You may now use the API token presented in the response to access targets and run fuzzing jobs in your Organization.
To delete a service account (and invalidate its API Token) you must remove the account from your organization. Find the ID of your service account by listing organization members:
mapi organization list-members <my-organization>
ID  Name               Role
1   foo                Owner
2   bar                Member
3   <service-account>  Member  <<<<<
Now remove the service account from your organization:
mapi organization remove-member <my-organization> <service-account-id>
Successfully removed Organization '<my-organization>>' member '3'!
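The lookup-then-remove procedure above, written as a small shell helper for revoking a service account's token; this is an added example, not taken from the Mayhem for API documentation. It assumes list-members prints whitespace-separated ID, Name and Role columns as in the sample listing; the function names and the ci-fuzzer account are made up for illustration.

```shell
#!/bin/sh
# Added example, not part of the Mayhem for API docs.
# Assumption: list-members output is whitespace-separated "ID Name Role" rows.

# service_account_id NAME
# Reads a member listing on stdin and prints the ID of the single member
# called NAME. Exit codes: 1 not found, 2 name is ambiguous,
# 3 match is an Owner (refuse), 4 ID column is not numeric.
service_account_id() {
    awk -v name="$1" '
        NR == 1 && $1 == "ID" { next }            # skip the header row
        $2 == name { n++; id = $1; role = $3 }
        END {
            if (n == 0)              exit 1
            if (n > 1)               exit 2
            if (role == "Owner")     exit 3
            if (id !~ /^[0-9]+$/)    exit 4
            print id
        }'
}

# revoke_service_account ORG NAME
# Resolves NAME to a member ID, then removes that member, which also
# invalidates its API token. Nothing is removed unless the lookup is unique.
revoke_service_account() {
    org=$1
    name=$2
    id=$(mapi organization list-members "$org" | service_account_id "$name") || {
        echo "refusing: no unique non-owner member '$name' in '$org'" >&2
        return 1
    }
    mapi organization remove-member "$org" "$id"
}

# Constructed sample listing (not real output) for checking the parser offline.
SAMPLE_LISTING='ID Name Role
1 foo Owner
2 bar Member
3 ci-fuzzer Member'

printf '%s\n' "$SAMPLE_LISTING" | service_account_id ci-fuzzer
```

Resolving the ID by exact name and refusing on an ambiguous or Owner match keeps a rotation script from removing the wrong member when the listing changes between runs.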