I'm trying to set session management to cookieBasedSessionManagement via ZAP API.
(http://localhost:9090 is my default zap proxy)
When I ask for parameters I should provide, it gives me an empty array: http://localhost:9090/JSON/sessionManagement/view/getSessionManagementMethodConfigParams/?zapapiformat=JSON&methodName=cookieBasedSessionManagement
{"methodConfigParams":[]}
However when I try to call http://localhost:9090/JSON/sessionManagement/action/setSessionManagementMethod/?zapapiformat=JSON&contextId=auto-context&methodName=cookieBasedSessionManagement&methodConfigParams=
I get
{"code":"missing_parameter","message":"Missing Parameter"}
So I'm curious what the parameters should be - or is it a bug in zap api ?
In case anyone run into this:
There is a context name and there is a context id. If you pass context name into context id - you'll get this weird error (really the error should be something like unknown context id). Unfortunately the default .NET client API (which I was using for issuing REST requests to local ZED proxy) has all variables as strings - even the context id which really should be an integer.