🚨 Latest Research:Tanstack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack.Learn More →

Book a Demo Sign in

@allthingsapi/ata-cli

Package Overview

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@allthingsapi/ata-cli

A professional command-line interface (CLI) for API testing, validation, and management. Enables developers to validate OpenAPI specifications, lint API designs, and manage API workflows directly from the terminal with an efficient, developer-friendly exp

latest

npm

Version: 0.1.51

Version published: 5 months ago

Weekly downloads: 47

Maintainers: 1

Weekly downloads

Created: 12 months ago

Source

All Things API CLI

🚀 Installation

npm install -g @allthingsapi/ata-cli

✨ Features

ATA CLI brings powerful, modern API management to your terminal:

Authenticate securely with your AllThingsAPI account (ata login).
List and inspect APIs for any team and project, including versions, creators, and descriptions.
Filter APIs by team and project for focused workflows.
View current user and session information at any time (ata whoami).
Manage your session: log out instantly (ata logout).
Seamless updates: keep your CLI up to date with a single command (ata update).
Ready for automation: designed for CI/CD, scripting, and integration into developer workflows.
Export OpenAPI Specs: Download OpenAPI specs for any version package in JSON or YAML format for use in tools like Postman, Swagger, or CI/CD.
Lint OpenAPI Specs: Validate your API specifications against industry best practices using Spectral rules.
Multiple Policy Support: Apply different rulesets to ensure API quality and consistency.
Team Management: View teams you are assigned to and explore their business applications.
Environment Management: Create, list, and delete environments for API testing with team and project scoping.
Collection Testing: Run entire test collections with professional reporting and test result summaries.
Test Suite Creation: Create comprehensive test suites for multiple collections with support for various frameworks (ATA, CHAI, Java, Python) and test types (robustness, security, performance).
AI-Powered Test Generation: Automatically generate test cases for entire test suites or individual requests using AI, with support for bulk generation and selective regeneration.
Test Case Execution: Execute all test cases for specific requests with environment and dataset support for data-driven testing.
UI Automation Testing: Run end-to-end Playwright tests with support for headless/headed modes, real-time progress monitoring, and comprehensive reporting.
Request Execution: Execute individual API requests with environment and global variable support.
Collection Import: Import collections from ATA, Postman, Swagger/OpenAPI formats, or directly from application packages with team, company, or personal scoping.
API Monitoring: Create and manage automated API monitors with scheduling, failure notifications, and detailed run reporting.
Policy Management: List and browse governance policies to enforce API design standards and best practices across your organization.
Application Management: Create and manage applications, versions, and packages with full lifecycle support including OpenAPI integration.
Package Clone & Status Management: Duplicate packages for different environments and manage package status transitions.
Branch Configuration: Set Git branch configurations for packages with environment-specific support.
Magic Sync: Automated synchronization for API collections, AI-powered design documentation, and release notes generation from Git repositories.
Security Insights: Comprehensive security scanning including vulnerability detection, secret scanning, license compliance, IaC security, container image scanning, and SAST.

Extensible foundation: future support for API testing, automation, and export/import workflows.

📖 Usage

Note: You must be logged in (ata login) before using any API commands.

Authenticate

ata login

Show Current User

ata whoami

Display the currently logged-in user's name and email.

List APIs

ata api list --team <TEAM_ID> --project <PROJECT_ID>

List all APIs for a specific team and project, including their versions, creator, description, and type.

Arguments

Option	Description	Required
`--team <TEAM_ID>`	The Team ID to filter APIs	Yes
`--project <PROJECT_ID>`	The Project ID to filter APIs	Yes

Example

ata api list --team 6800dfb0d0f8ec7048505892 --project 6800dfb250a4f6540b38913b

Example Output

┌────────────────────────────────────────────────────────────
│ Name: Customer Management API
│ Description: -
│ Application Type: API_APPLICATION
│ Created By: Shoaib Mehedi
│ Versions:
│   • 1.0 (ub3vc171z): 68275ec4094dd3ec1b66cc85 [DRAFT]
│   • 2.0 (wzuwzztw8): 6828e0577e417388e07af6f2 [DRAFT]
└────────────────────────────────────────────────────────────

Error Handling

If either --team or --project is missing, the CLI will show an error and exit.
You must be logged in (ata login) before using API commands.

🧪 API Testing & Execution

Execute API tests and collections with comprehensive reporting and environment support. Run entire collections or individual requests with professional test result summaries similar to Postman.

Quick Start Examples

# Run an entire collection with all tests
ata run --collection 68078d82e83b814cd6fbec6b

# Run a collection with environment variables
ata run --collection 68078d82e83b814cd6fbec6b --env 6800dfbcd9ba2022c515beaf

# Run a collection and save results to file
ata run --collection 68078d82e83b814cd6fbec6b --report results.json

# Execute a single request
ata execute 68a2ca5acae0c4a58821a5eb

# Execute a request with environment
ata execute 68a2ca5acae0c4a58821a5eb --env 6800dfbcd9ba2022c515beaf

List Collection Requests

ata collection requests <COLLECTION_ID>

Display all requests in a collection with detailed information including request methods, URLs, test information, and timestamps. Perfect for understanding collection contents before execution.

Run Collection

ata run --collection <COLLECTION_ID> [--env <ENV_ID>] [--genv <GLOBAL_ID>] [--report <report.json>]
ata run --collection <COLLECTION_ID> --env <ENV_ID> --genv <GLOBAL_ID> -r <report.json>

Execute Single Request

Execute a specific request from any collection with optional environment and global variable support. Perfect for debugging individual API calls or quick testing.

ata execute <REQUEST_ID> [--env <ENV_ID>] [--genv <GLOBAL_ID>]

Arguments & Flags

For ata run:

Option	Description	Required
`--collection <COLLECTION_ID>`	The collection ID to run	Yes
`--env <ENV_ID>`	(Optional) Environment ID to use for execution	No
`--genv <GLOBAL_ID>`	(Optional) Global ID to use for execution	No
`--report <report.json>`	Save the run report to a local file (JSON)	No
`-r <report.json>`	Shorthand for --report	No

For ata execute:

Option	Description	Required
`<REQUEST_ID>`	The request ID to execute	Yes
`--env <ENV_ID>`	(Optional) Environment ID to use for execution	No
`--genv <GLOBAL_ID>`	(Optional) Global ID to use for execution	No

Examples

# List all requests in a collection
ata collection requests 68a2ca5acae0c4a58821a5e9

# Run a collection with environment and global context
ata run --collection 68078d82e83b814cd6fbec6b --env 6800dfbcd9ba2022c515beaf --genv 6800dfbcd9ba2022c515beaf --report results.json

# Run a collection without environment/global context
ata run --collection 68078d82e83b814cd6fbec6b

# Execute a single request
ata execute 68a2ca5acae0c4a58821a5eb

# Execute with environment variables
ata execute 68a2ca5acae0c4a58821a5eb --env 6800dfbcd9ba2022c515beaf

Note: --env and --genv are mapped internally to the API's envId and globalId parameters for flexible environment and global context support. They are optional; omit them to use default API behavior.

Output

Console:
- Each request is shown with its name, ID, pass/fail status, and test results.
- A visually distinct summary table appears at the end, showing total, passed, and failed requests, with color and bold formatting for clarity.
Report File (JSON):
- If --report or -r is provided, a machine-readable JSON file is saved with the full run details.

Example Console Output

Found 6 requests in collection.
──────────────────────────────────────────────────
Request: New Request [682b01c3f80b20dd07da3804]
Status: ✔ PASSED
──────────────────────────────────────────────────
Request: update [68078d82e83b814cd6fbec6c]
  ✓ Check if request method is PUT
  ✗ Verify status code is 422 for invalid PUT request: Expected 200 to equal 422
  ✗ Check response body is empty: Expected [object Object] to be empty
  ✓ Verify Content-Type header in response
  ✗ Response time is less than 300ms: Expected 469 to be below 300
  ✓ Verify status code for DELETE request returns 200
  ✗ Verify response body is empty for DELETE request: Expected [object Object] to be empty
  ✗ Verify Content-Type header in response: ata.expect(...).to.contain is not a function
  ✗ Verify response time is less than 300ms for DELETE request: Expected 469 to be below 300
  ✗ Verify DELETE request does not return a body: ata.response.body is not a function
Status: ✗ FAILED
──────────────────────────────────────────────────
Request: patch [68078d82e83b814cd6fbec6d]
  ✓ Verify request method is PATCH
  ✓ Verify response status code is 200
  ✓ Verify Content-Type header is present
  ✓ Verify response time is less than 300ms
Status: ✔ PASSED
──────────────────────────────────────────────────
Request: delete [68078d82e83b814cd6fbec6e]
Status: ✔ PASSED
──────────────────────────────────────────────────
Request: getlist [68078d82e83b814cd6fbec6f]
Status: ✔ PASSED
──────────────────────────────────────────────────
Request: add [68078d82e83b814cd6fbec70]
  ✓ Request method should be POST
  ✗ Validate response status code for invalid data: Expected 201 to equal 422
  ✗ Check response body is empty: Expected [object Object] to be empty
  ✓ Ensure Content-Type header is present in response
  ✗ Response time is less than 300ms: Expected 760 to be below 300
Status: ✗ FAILED

=============================================
         Collection Run Summary
=============================================
Total Requests:    6
Passed:            4
Failed:            2

   4 PASSED, 2 FAILED

=============================================
Report saved to results.json

Example Report File (JSON)

{
  "collectionId": "68078d82e83b814cd6fbec6b",
  "runAt": "2025-05-18T20:52:41.099Z",
  "summary": {
    "total": 5,
    "passed": 0,
    "failed": 5
  },
  "results": [
    {
      "name": "update",
      "id": "68078d82e83b814cd6fbec6c",
      "status": "FAILED",
      "testResults": [
        { "name": "Check if request method is PUT", "success": false, "error": "ata.request.method is not a function" }
      ],
      "error": "Test Failures: Check if request method is PUT: ata.request.method is not a function"
    },
    ...
  ]
}

Error Handling

If the collection ID is missing, the CLI will show an error and exit.
If a request fails or returns an unrecognized response, it is marked as FAILED in the summary and report.
If the report file cannot be written, a clear error message is shown.

Competitive Positioning

The ata run command provides a professional, Postman-like summary and reporting experience—ideal for automated testing, CI/CD, and developer workflows.
Output is clear, color-coded, and easy to scan for quick feedback or auditing.

Create Test Suite

Create comprehensive test suites for your projects with support for multiple testing frameworks and test types. Test suites enable you to organize and automate API testing across multiple collections.

Key Features:

Support for multiple API collections in a single test suite
Various testing frameworks (ATA, CHAI, Java, Python)
Different test suite types (Robustness, Security, Performance)
Automatic code generation for test assertions
Team, company, or private access levels

Usage

ata test create-test-suite \
  --team <TEAM_ID> \
  --project <PROJECT_ID> \
  --framework <FRAMEWORK> \
  --type <TEST_TYPE> \
  --itemName <SUITE_NAME> \
  --apiCollections <COLLECTION_IDS> \
  --testSuiteType <SUITE_TYPE> \
  --generateCode <YES|NO>

Arguments

Option	Description	Required	Example Values
`--team`	Team ID for the test suite	Yes	`690b009797745f554ec67540`
`--project`	Project ID where the test suite will be created	Yes	`690b00ea1ea8bdc5de00020a`
`--framework`	Testing framework to use	Yes	`ATA`, `CHAI`, `JAVA`, `PYTHON`
`--type`	Test suite access level	Yes	`COMPANY`, `TEAM`, `PRIVATE`
`--itemName`	Name for the test suite	Yes	`"User Authentication Tests"`
`--apiCollections`	Comma-separated list of API collection IDs to include in suite (no spaces or use quotes)	Yes	`"id1,id2,id3"` or `id1,id2,id3`
`--testSuiteType`	Type of testing to perform	Yes	`ROBUSTNESS`, `SECURITY_TEST`, `PERFORMANCE_TEST`
`--generateCode`	Enable automatic assertion generation	No	`YES` (default), `NO`

Examples

# Create a security test suite with multiple collections
ata test create-test-suite \
  --team 690b009797745f554ec67540 \
  --project 690b00ea1ea8bdc5de00020a \
  --framework ATA \
  --type TEAM \
  --itemName "Security Test Suite" \
  --apiCollections "692fdf45cff32bf194f6f607,692fcc5b0ed97fc4f7ad987c,692fbbd5fb696d7b6cefd0e1" \
  --testSuiteType SECURITY_TEST \
  --generateCode YES

# Create a performance test suite for a single collection
ata test create-test-suite \
  --team 690b009797745f554ec67540 \
  --project 690b00ea1ea8bdc5de00020a \
  --framework PYTHON \
  --type PRIVATE \
  --itemName "API Performance Tests" \
  --apiCollections "692fdf45cff32bf194f6f607" \
  --testSuiteType PERFORMANCE_TEST

Example Output

Creating test suite...
✓ Test suite created successfully!

==============================================
         Test Suite Details
==============================================
Test Suite ID: 693abc123def456789012345
Name: Security Test Suite
Framework: ATA
Type: SECURITY_TEST
Collections: 3 collection(s)

Framework Options

ATA: AllThingsAPI native testing framework with full platform integration
CHAI: JavaScript assertion library for Node.js testing
JAVA: Java-based testing frameworks (JUnit, TestNG)
PYTHON: Python testing frameworks (pytest, unittest)

Test Suite Types

ROBUSTNESS: Tests for API reliability, error handling, and edge cases
SECURITY_TEST: Security-focused tests including authentication, authorization, and vulnerability detection
PERFORMANCE_TEST: Load testing, response time validation, and throughput testing

Test Types

COMPANY: Accessible to all members of your company
TEAM: Shared within the specified team
PRIVATE: Only accessible to you

Prerequisites

Before creating test suites, ensure you have:

Logged in: Run ata login to authenticate
API Key Configured: The Collection API requires an API key in your environment configuration

Configuration

The command requires the following environment variables in your .env.prod or .env file:

# Collection API endpoint
COLLECTION_API_URL=https://dev.api.collection-server.ata.dev

# Collection API key (required for authorization)
ATA_API_KEY=your-actual-collection-api-key
# or
API_KEY_COLLECTION=your-actual-collection-api-key

Error Handling

Missing Parameters: Clear error messages will indicate which required parameters are missing
Invalid Collection IDs: The API will return validation errors for non-existent collections
401 Unauthorized:
- Ensure you're logged in with ata login
- Verify your API key is configured correctly in the environment file
- Check that ATA_API_KEY or API_KEY_COLLECTION is set to a valid value (not a placeholder)
Network Errors: Check your internet connection and API endpoint configuration

Technical Details

Authentication: Uses access token from login session (~/.ata-cli-config.json)
Authorization: Requires Collection API key from environment configuration
API Endpoint: ${COLLECTION_API_URL}/api-test-suites
HTTP Method: POST
Headers: accesstoken, x-api-key, content-type, accept
Collection IDs: Automatically parsed from comma-separated string or array format
Case Normalization: Framework, type, and testSuiteType values are automatically converted to uppercase

Tips & Best Practices

Multiple Collections: When specifying multiple collection IDs with spaces, wrap the entire list in quotes:
```
--apiCollections "692fdf45cff32bf194f6f607, 692fcc5b0ed97fc4f7ad987c"
```
Or without spaces (no quotes needed):
```
--apiCollections 692fdf45cff32bf194f6f607,692fcc5b0ed97fc4f7ad987c
```
Test Suite Naming: Use descriptive names that clearly indicate the suite's purpose:
```
--itemName "User Authentication & Authorization Tests"
```
Framework Selection: Choose the framework that matches your existing testing infrastructure:
- Use ATA for native AllThingsAPI integration
- Use CHAI, JAVA, or PYTHON if you have existing test frameworks
Access Control: Consider who needs access when setting the type:
- TEAM: Best for collaborative testing within a specific team
- COMPANY: Use for organization-wide test suites
- PRIVATE: Ideal for experimental or personal test development

Generate Test Cases (Bulk)

Automatically generate test cases for all requests in a test suite using AI-powered test generation. This command initiates bulk test case generation for an entire test suite.

Usage

ata test generate-testcase-all \
  --team <TEAM_ID> \
  --project <PROJECT_ID> \
  --testSuiteId <TEST_SUITE_ID> \
  --type <TEST_TYPE> \
  --module <MODULE>

Arguments

Option	Description	Required	Example Values
`--team`	Team ID	Yes	`690b009797745f554ec67540`
`--project`	Project ID	Yes	`690b00ea1ea8bdc5de00020a`
`--testSuiteId`	Test Suite ID to generate tests for	Yes	`693abc123def456789012345`
`--type`	Test type	Yes	`robustness`, `security`, `performance`
`--module`	Test module	Yes	`robustness`, `security_test`, `performance_test`

Example

ata test generate-testcase-all \
  --team 690b009797745f554ec67540 \
  --project 690b00ea1ea8bdc5de00020a \
  --testSuiteId 693abc123def456789012345 \
  --type security \
  --module security_test

Example Output

⠋ Cloning version package for application version...

✓ Bulk generation scheduled!

==============================================
         Generation Details
==============================================
Status: PROCESSING
message: Test case generation has been queued
collections: 3

Notes

Test case generation is an asynchronous process
Generation happens in the background and may take several minutes
You'll receive the status immediately, but actual tests are generated over time
Check your test suite in the ATA web interface to see generated test cases

Generate Test Cases (By Request)

Generate or retrieve test cases for a specific API request. This command allows fine-grained control over test generation for individual requests.

Usage

ata test generate-testcase-request \
  --team <TEAM_ID> \
  --project <PROJECT_ID> \
  --request <REQUEST_ID> \
  --type <TEST_TYPE> \
  --testSuiteId <TEST_SUITE_ID> \
  --apiCollection <API_COLLECTION_ID> \
  --force <true|false>

Arguments

Option	Description	Required	Default	Example Values
`--team`	Team ID	Yes	-	`690b009797745f554ec67540`
`--project`	Project ID	Yes	-	`690b00ea1ea8bdc5de00020a`
`--request`	Specific request ID to generate tests for	Yes	-	`692fdf45cff32bf194f6f607`
`--type`	Test type	Yes	-	`robustness`, `security`, `performance`
`--testSuiteId`	Test Suite ID	Yes	-	`693abc123def456789012345`
`--apiCollection`	API Collection ID	Yes	-	`692fbbd5fb696d7b6cefd0e1`
`--force`	Force regeneration if tests exist	No	`false`	`true`, `false`

Examples

# Generate test cases for a specific request
ata test generate-testcase-request \
  --team 690b009797745f554ec67540 \
  --project 690b00ea1ea8bdc5de00020a \
  --request 692fdf45cff32bf194f6f607 \
  --type security \
  --testSuiteId 693abc123def456789012345 \
  --apiCollection 692fbbd5fb696d7b6cefd0e1

# Force regeneration of existing test cases
ata test generate-testcase-request \
  --team 690b009797745f554ec67540 \
  --project 690b00ea1ea8bdc5de00020a \
  --request 692fdf45cff32bf194f6f607 \
  --type robustness \
  --testSuiteId 693abc123def456789012345 \
  --apiCollection 692fbbd5fb696d7b6cefd0e1 \
  --force true

Example Output

⠋ Generation by request ID............

✓ Test Case Generation Started!

==============================================
         Generation Details
==============================================
Total Count: 12
Status: COMPLETED

Notes

Use --force true to regenerate test cases even if they already exist
Without --force, the command will return existing test cases if available
Generation is typically faster for individual requests compared to bulk generation

Run All Test Cases

Execute all test cases for a specific request with optional environment and dataset support.

Usage

ata test run-all-testcase \
  --testSuiteId <TEST_SUITE_ID> \
  --request <REQUEST_ID> \
  --env <ENVIRONMENT_ID> \
  --dataSet <DATASET_ID>

Arguments

Option	Description	Required	Example Values
`--testSuiteId`	Test Suite ID containing the test cases	Yes	`693abc123def456789012345`
`--request`	Request ID to execute test cases for	Yes	`692fdf45cff32bf194f6f607`
`--env`	Environment ID for test execution	No	`6800dfbcd9ba2022c515beaf`
`--dataSet`	Dataset ID for data-driven testing	No	`dataset123456789`

Examples

# Run all test cases for a request
ata test run-all-testcase \
  --testSuiteId 693abc123def456789012345 \
  --request 692fdf45cff32bf194f6f607

# Run with specific environment
ata test run-all-testcase \
  --testSuiteId 693abc123def456789012345 \
  --request 692fdf45cff32bf194f6f607 \
  --env 6800dfbcd9ba2022c515beaf

# Run with environment and dataset
ata test run-all-testcase \
  --testSuiteId 693abc123def456789012345 \
  --request 692fdf45cff32bf194f6f607 \
  --env 6800dfbcd9ba2022c515beaf \
  --dataSet dataset123456789

Example Output

⠋ Run All Test Cases......

✓ Generation process has been initiated!

==============================================
         Generation Details
==============================================
Message: All test cases execution started successfully

Notes

Test execution is asynchronous - results appear in your test suite dashboard
Environment variables from the specified environment will be used during execution
Dataset provides different test data combinations for data-driven testing

Run UI Automation Tests

Execute UI automation tests using Playwright for end-to-end testing. Supports multiple test levels from individual test cases to entire applications.

Usage

ata test run-ui-automation \
  --type <TEST_TYPE> \
  --application <APPLICATION_ID> \
  [type-specific options] \
  [execution options]

Arguments

Option	Description	Required	Default	Example Values
`--type`	Test execution level	Yes	-	`TEST_CASE`, `TEST_SCENARIO`, `TEST_SUITE`, `APPLICATION`
`--application`	Application ID	Yes	-	`901stu234vwx`
`--testCase`	Test Case ID (for TEST_CASE type)	Conditional	-	`123abc456def`
`--testScenario`	Test Scenario ID (for TEST_SCENARIO/TEST_CASE)	Conditional	-	`789ghi012jkl`
`--testSuite`	Test Suite ID (for TEST_SUITE/TEST_SCENARIO/TEST_CASE)	Conditional	-	`345mno678pqr`
`--dataSet`	Dataset ID for data-driven tests	No	-	`dataset123456`
`--testContent`	Custom test content (for TEST_CASE)	No	-	-
`--headed`	Run with visible browser UI	No	`false`	-
`--poll-interval`	Report polling interval in seconds	No	`5`	`3`, `10`
`--timeout`	Max wait time in minutes	No	`30`	`15`, `60`

Type-Specific Requirements

TEST_CASE: Requires --testCase, --testScenario, --testSuite, --application TEST_SCENARIO: Requires --testScenario, --testSuite, --application TEST_SUITE: Requires --testSuite, --application APPLICATION: Requires only --application

Examples

# Run a specific test case (headless)
ata test run-ui-automation \
  --type TEST_CASE \
  --testCase 123abc456def \
  --testScenario 789ghi012jkl \
  --testSuite 345mno678pqr \
  --application 901stu234vwx

# Run test scenario with visible browser
ata test run-ui-automation \
  --type TEST_SCENARIO \
  --testScenario 789ghi012jkl \
  --testSuite 345mno678pqr \
  --application 901stu234vwx \
  --headed

# Run entire test suite with custom polling
ata test run-ui-automation \
  --type TEST_SUITE \
  --testSuite 345mno678pqr \
  --application 901stu234vwx \
  --poll-interval 10 \
  --timeout 60

# Run all application tests with dataset
ata test run-ui-automation \
  --type APPLICATION \
  --application 901stu234vwx \
  --dataSet dataset123456 \
  --headed

Example Output

⠋ Starting TEST_CASE UI automation test...

✓ Test execution started successfully!

==============================================
         Test Execution Details
==============================================
Report ID: 693def456abc789012345678
Test Type: TEST_CASE
Test Case: 123abc456def
Test Scenario: 789ghi012jkl
Test Suite: 345mno678pqr
Application: 901stu234vwx
Mode: Headless

Polling for test results...
⠋ Polling... (12) - Status: RUNNING - Progress: 60%
✓ Test execution completed!

Report URL: https://dev.api.express-server.ata.dev/reports/693def456abc789012345678

✓ All tests passed successfully!

Prerequisites

ATA Agent Running: The local ATA agent must be running (default: http://localhost:10534)
```
# Check if agent is running
curl http://localhost:10534/agent/knockknock
```
Logged In: Must be authenticated with ata login
Valid Test Data: All test IDs must exist and be accessible

Configuration

The command uses the following environment variables:

# ATA Agent endpoint for UI automation
AGENT_API_URL=http://localhost:10534

# Express server for report polling
EXPRESS_URL=https://dev.api.express-server.ata.dev

Execution Modes

Headless (default): Browser runs in background, faster, ideal for CI/CD
Headed (--headed): Browser UI visible, useful for debugging and development

Error Handling

Connection Refused: Agent not running - start the ATA agent first
Timeout: Test didn't complete within specified time - check report ID manually
404 During Polling: Report not yet available - normal during initial stages
Test Failures: Exit code 1, check report URL for detailed failure information

CI/CD Integration

The command provides proper exit codes for automation:

0: All tests passed successfully
1: Test execution failed, timeout, or connection error

Perfect for integration into CI/CD pipelines with automatic failure detection.

Run Workflow Tests

Execute workflow tests for both API Chained Testing and E2E UI Automation Testing. Supports real-time monitoring of workflow execution with comprehensive node status reporting.

Usage

ata test run-workflow --workflowId <WORKFLOW_ID>

Arguments

Option	Description	Required	Example Values
`--workflowId`	Workflow ID to execute	Yes	`68cd3243a7e3cf7b6b0e5f1e`

Example

# Run a workflow test
ata test run-workflow --workflowId 68cd3243a7e3cf7b6b0e5f1e

Example Output

⠋ Fetching workflow details...
✓ Workflow details fetched successfully
⠋ Fetching workflow versions...
✓ Workflow versions fetched successfully

==============================================
         Workflow Execution Details
==============================================
Workflow ID: 68cd3243a7e3cf7b6b0e5f1e
Workflow Version: 68cd3244a7e3cf
==============================================

⠋ Starting workflow execution...
✓ Test case generation has been initiated successfully!

Execution ID: cc833cf6-665b-49b9-92ff-ac0086921d06
Execution Status: COMPLETED

==============================================
         Workflow Nodes Summary
==============================================

┌───────────────┬───────────────┐
│ Type          │ Status        │
├───────────────┼───────────────┤
│ start         │ COMPLETED     │
│ condition     │ COMPLETED     │
│ activity      │ COMPLETED     │
└───────────────┴───────────────┘

Workflow Types Supported

API Chained Testing

Sequential API request execution
Conditional branching based on responses
Data passing between requests
Assertion validation at each step
Comprehensive status tracking

E2E UI Automation Testing

Browser-based workflow execution
Multi-step user journey testing
Screenshot capture on failures
Headless/headed mode support
Real-time progress monitoring

Prerequisites

Logged In: Must be authenticated with ata login
Valid Workflow ID: Workflow must exist and be accessible
Workflow Server: Workflow server must be running and accessible

Configuration

The command uses the following environment variables:

# Workflow server endpoint
WORKFLOW_API_URL=https://dev.workflow-server.ata.dev

Features

Real-Time Monitoring: Track workflow execution progress in real-time
Node Status Tracking: Monitor status of each workflow node (start, condition, activity)
Comprehensive Reporting: Clean table format showing node types and statuses
Error Handling: Clear error messages for troubleshooting
Version Management: Automatically uses the latest workflow version
Progress Indicators: Visual feedback during execution stages

Node Types

Type	Description
start	Initial entry point of the workflow
condition	Conditional logic nodes for branching
activity	Action nodes (API calls, UI interactions)

Error Handling

Connection Refused: Workflow server not reachable - check server status
401 Unauthorized: Token expired - run ata login again
404 Not Found: Invalid workflow ID - verify the ID
Timeout: Workflow didn't complete within specified time
Execution Failures: Check workflow configuration and dependencies

CI/CD Integration

The command provides proper exit codes for automation:

0: Workflow executed successfully
1: Workflow execution failed or connection error

Perfect for integration into CI/CD pipelines for automated workflow testing.

Lint OpenAPI Spec

Validate and lint your OpenAPI specifications against standard and custom policy rules using the Spectral CLI. Supports both remote API specs and local OpenAPI files in JSON and YAML formats.

Usage

# Lint a remote API specification
ata api lint --package <PACKAGE_ID> --policy <POLICY_ID|default>

# Lint a local OpenAPI file
ata api lint --file <FILE_PATH> --policy <POLICY_ID|default>

Arguments

Option	Description	Required
`--package <PACKAGE_ID>`	Package ID containing the OpenAPI spec to lint	Yes (if --file not provided)
`--file <FILE_PATH>`	Path to local OpenAPI file (.json, .yml, .yaml)	Yes (if --package not provided)
`--policy <POLICY_ID>`	Policy ID to validate against (use 'default' for standard OpenAPI rules)	No

Examples

# Validate a remote API spec against standard OpenAPI rules
ata api lint --package 68275ec4094dd3ec1b66cc85 --policy default

# Validate a remote API spec against a specific custom policy
ata api lint --package 68275ec4094dd3ec1b66cc85 --policy 6800dfbffee72cc9c148b38f

# Validate a local JSON file against standard OpenAPI rules
ata api lint --file ./specs/my-api.json --policy default

# Validate a local YAML file against a specific custom policy
ata api lint --file ./specs/petstore.yaml --policy 6800dfbffee72cc9c148b38f

Sample Files

The CLI package includes sample OpenAPI files in the test-specs directory that you can use for testing and reference:

test-specs/sample-openapi.json - A valid OpenAPI specification
test-specs/flawed-openapi.json - An OpenAPI specification with intentional issues for testing linting functionality
test-specs/.spectral.yaml - A sample Spectral configuration file

You can use these files to experiment with the linting functionality:

# Test linting with the included sample files
ata api lint --file ./test-specs/flawed-openapi.json --policy default

Example Output

┌──────────────────────────────────────────────────┐
│ OpenAPI Specification Lint Results               │
├──────────────────────────────────────────────────┤
│ Package ID: 68275ec4094dd3ec1b66cc85              │
│ Policy:     6800dfbffee72cc9c148b38f              │
├──────────────────────────────────────────────────┤
│ Summary                                          │
│   • Total Issues: 1                               │
│   • Errors:       1                               │
│   • Warnings:     0                               │
│   • Info:         0                               │
├──────────────────────────────────────────────────┤
│ Errors                                           │
├──────────────────────────────────────────────────┤
│❌ [6800dfbffee72cc9c148b38f-rule] API must        │
│define security schemes                           │
│   components                                     │
│   at line 130                                    │
│                                                  │
├──────────────────────────────────────────────────┤
│ ❌ Failed: API specification has errors           │
└──────────────────────────────────────────────────┘

Features

Dual Validation Modes:
- Default Mode: Standard OpenAPI (OAS3) validation rules
- Custom Policy Mode: Organization-specific validation rules
Policy-Specific Rules: Different policies validate different aspects of the API:
- Security policies check for proper security definitions
- Response policies validate consistent response structures
- Custom policies for organization-specific requirements
Professional Output:
- Clear categorization of issues by severity
- Detailed location information with precise line numbers
- Well-formatted, boxed output for readability
- Path information for pinpointing exact issue locations
- Color-coded pass/fail indicators
Advanced Implementation:
- Powered by Spectral CLI for reliable validation
- Temporary file management for efficient processing
- Custom rules transformation for policy-specific validation

Error Handling

Missing package ID or file path parameters trigger clear error messages
Either --package or --file must be provided (but not both)
Authentication failures include instructions for login
Network issues provide actionable troubleshooting steps
Invalid OpenAPI specs show detailed validation errors
File access and parsing errors include specific error messages
Debug mode shows additional implementation details (set DEBUG=1)
Non-zero exit code returned when API specification has errors

Technical Details

Based on @stoplight/spectral-cli v6.x
Creates isolated rulesets for each policy ID
Policies are fetched and transformed into Spectral-compatible format
Temporary files are automatically cleaned up after execution
Supports JSON and YAML format detection and parsing
File format is automatically detected based on extension or content
Uses js-yaml for YAML parsing and @stoplight/json for JSON parsing
Properly validates both remote and local OpenAPI specifications

Export OpenAPI Spec

Export the OpenAPI specification for a version package in JSON or YAML format.

Usage

ata api get --package <PACKAGE_ID> --output <openapi.json|openapi.yaml|openapi.yml>

Arguments

Option	Description	Required
`--package <PACKAGE_ID>`	The version package ID to export	Yes
`--output <FILE>`	Output file name (extension determines format)	No

Supported Formats

.json (default): OpenAPI JSON
.yaml or .yml: OpenAPI YAML

Examples

ata api get --package 68275ec4094dd3ec1b66cc85 --output openapi.json   # JSON
ata api get --package 68275ec4094dd3ec1b66cc85 --output openapi.yaml   # YAML
ata api get --package 68275ec4094dd3ec1b66cc85 --output openapi.yml    # YAML

If --output is not specified, the CLI will default to openapi-<PACKAGE_ID>.json.

Error Handling

If --package is missing, the CLI will show an error and exit.
If the OpenAPI spec is not found, you will see a clear error message.
You must be logged in (ata login) before using api get.

Update API Specification

Update an OpenAPI specification for a package by uploading content from a local file.

Usage

ata api update --package <PACKAGE_ID> --file <FILE_PATH>

Options

Option	Description	Required
`--package <PACKAGE_ID>`	Package ID to update	Yes
`--file <FILE_PATH>`	Path to OpenAPI spec file	Yes

Example

ata api update --package abc123 --file ./openapi.json

Features

Supports JSON and YAML formats (.json, .yml, .yaml)
Secure authentication using your ATA credentials
Clear success and error messaging

You must be logged in (ata login) before using this command.

🌍 Environment Management

Create and manage environments for API testing with team and project scoping. Environments store variables and configurations that can be used across collections and requests.

Create Environment

ata env create --name <NAME> --project <PROJECT_ID> --team <TEAM_ID> [options]

Create a new environment with specified configurations.

Options

Option	Description	Required	Default
`--name <NAME>`	Environment name	Yes	-
`--project <PROJECT_ID>`	Project ID	Yes	-
`--team <TEAM_ID>`	Team ID	Yes	-
`--description <TEXT>`	Environment description	No	-
`--type <TYPE>`	Environment type	No	TEAM
`--for <FOR>`	Environment for	No	API_LAB
`--global`	Make environment global	No	false
`--locked`	Lock the environment	No	false
`--no-public`	Make environment private	No	public

Example

# Create a basic environment
ata env create --name "Development" --project 68c97f9b251a3b05ffa18608 --team 68c97f9948483ccaf657c0fe

# Create a global environment with description
ata env create --name "Production" --project 68c97f9b251a3b05ffa18608 --team 68c97f9948483ccaf657c0fe --description "Production environment variables" --global

# Create a locked, private environment
ata env create --name "Staging" --project 68c97f9b251a3b05ffa18608 --team 68c97f9948483ccaf657c0fe --locked --no-public

List Environments

ata env list --project <PROJECT_ID> [options]

List environments for a specific project with optional filtering.

Options

Option	Description	Required
`--project <PROJECT_ID>`	Project ID to list environments for	Yes
`--team <TEAM_ID>`	Filter by team ID	No
`--name <SEARCH_NAME>`	Search by environment name	No
`--global`	Show only global environments	No

Examples

# List all environments for a project
ata env list --project 68c97f9b251a3b05ffa18608

# List environments for a specific project and team
ata env list --project 68c97f9b251a3b05ffa18608 --team 68c97f9948483ccaf657c0fe

# Search for environments by name
ata env list --project 68c97f9b251a3b05ffa18608 --name "dev"

# List only global environments for a project
ata env list --project 68c97f9b251a3b05ffa18608 --global

Delete Environment

ata env delete <ENV_ID> [options]

Delete an environment by its ID.

Options

Option	Description	Required
`--force`	Skip confirmation prompt	No

Examples

# Delete with confirmation
ata env delete 6829abc123def456789

# Delete without confirmation
ata env delete 6829abc123def456789 --force

Get Environment Variables

ata env get <ENV_ID|DATASET_ID> [options]

Retrieve and display environment variables from an environment or dataset.

Options

Option	Description	Required	Default
`--output <FILE>`	Export variables to file	No	-
`--format <FORMAT>`	Output format (json or env)	No	json
`--show-secrets`	Display secret values	No	false

Features

View all variables in an environment or dataset
Hide secret values by default for security
Export to JSON for programmatic use
Export to .env format for direct use in applications
Display variable metadata (type, active status, encryption)

Examples

# Get environment variables (secrets hidden)
ata env get 68cbf3a1608f5fbdf23ff298

# Show all variables including secrets
ata env get 68cbf3a1608f5fbdf23ff298 --show-secrets

# Export to JSON file
ata env get 68cbf3a1608f5fbdf23ff298 --output variables.json

# Export to .env file with secrets
ata env get 68cbf3a1608f5fbdf23ff298 --output .env --format env --show-secrets

# Export for use in application
ata env get 68cbf3a1608f5fbdf23ff298 --output production.env --format env

Example Output

✅ Environment variables retrieved successfully!
──────────────────────────────────────────────
Dataset: Default DataSet
Dataset ID: 68cbf3a1608f5fbdf23ff298
Default: Yes
Global: No
──────────────────────────────────────────────

Variables:
──────────────────────────────────────────────
Name: base_url
Value: https://api.example.com/
Type: DEFAULT
Active: Yes
Encrypted: No

Name: api_key
Value: ******* (secret)
Type: SECRET
Active: Yes
Encrypted: No
──────────────────────────────────────────────

Total variables: 2

📥 Collection Import

Import collections from various sources including ATA, Postman, and Swagger/OpenAPI specifications. Collections can be imported at team, company, or personal levels with public/private visibility options.

Import Collection

ata collection import --project <PROJECT_ID> --from <SOURCE> [options]

Import a collection from supported formats into your ATA project.

Required Options

Option	Description	Values
`--project <PROJECT_ID>`	Target project ID	Project ID string
`--from <SOURCE>`	Import source format	`ATA`, `POSTMAN`, `SWAGGER`

Organization Level (Choose One)

Option	Description
`--team <TEAM_ID>`	Import to team level
`--company <COMPANY_ID>`	Import to company level
`--personal <PERSONAL_ID>`	Import to personal level

Source Options

Option	Description	Required For
`--file <PATH>`	Path to collection file	ATA, Postman, Swagger file
`--url <URL>`	Swagger specification URL	Swagger URL import only
`--public`	Make collection public (default: false)	Optional

Examples

Import ATA Collection

# Import ATA collection to team level
ata collection import --project 688c7a1b03cdbd47222fc9e3 --team 688c63fe5e9ad48f3217e75f --from ATA --file collection.json

# Import ATA collection to company level as public
ata collection import --project 688c7a1b03cdbd47222fc9e3 --company abc123 --from ATA --file collection.json --public

Import Postman Collection

# Import Postman collection to team
ata collection import --project 688c7a1b03cdbd47222fc9e3 --team 688c63fe5e9ad48f3217e75f --from POSTMAN --file postman-collection.json

# Import Postman collection to personal workspace
ata collection import --project 688c7a1b03cdbd47222fc9e3 --personal user123 --from POSTMAN --file my-tests.json

Import Swagger/OpenAPI

# Import from Swagger file
ata collection import --project 688c7a1b03cdbd47222fc9e3 --team 688c63fe5e9ad48f3217e75f --from SWAGGER --file openapi.json

# Import from Swagger URL
ata collection import --project 688c7a1b03cdbd47222fc9e3 --team 688c63fe5e9ad48f3217e75f --from SWAGGER --url https://petstore.swagger.io/v2/swagger.json

# Import Swagger to company level as public
ata collection import --project 688c7a1b03cdbd47222fc9e3 --company abc123 --from SWAGGER --url https://api.example.com/swagger.json --public

Import from Application Package

ata collection import-package <PACKAGE_ID> [options]

Import a collection directly from an application package containing OpenAPI specifications. This command extracts the OpenAPI spec from the package and automatically imports it as a collection.

Arguments

Argument	Description
`<PACKAGE_ID>`	Application package ID containing OpenAPI spec

Options

Option	Description
`--project <PROJECT_ID>`	Override project ID from package
`--team <TEAM_ID>`	Override team ID or import to specific team
`--company <COMPANY_ID>`	Import to company level instead of team
`--personal <PERSONAL_ID>`	Import to personal level instead of team
`--public`	Make collection public (default: false)

Examples

# Import using package's default team and project
ata collection import-package 68cd3244a7e3cf7b6b0e5f1f

# Override the target project
ata collection import-package 68cd3244a7e3cf7b6b0e5f1f --project 6800dfb250a4f6540b38913b

# Import to company level
ata collection import-package 68cd3244a7e3cf7b6b0e5f1f --company 6848011ff1118197c2bf3dd4

# Import as public collection to personal workspace
ata collection import-package 68cd3244a7e3cf7b6b0e5f1f --personal user123 --public

Supported Formats

ATA Collections

Native ATA collection format (JSON)
Preserves all test cases and configurations
Maintains variable references and environments

Postman Collections

Postman Collection v2.0 and v2.1 formats
Automatically converts Postman tests to ATA format
Preserves request configurations and pre/post scripts

Swagger/OpenAPI

OpenAPI 3.0.x specifications
Swagger 2.0 specifications
Import from file (JSON/YAML) or directly from URL
Automatically generates request collections from paths

Application Packages

Extracts OpenAPI specifications from application version packages
Automatically uses package metadata (team, project IDs)
Supports version-specific OpenAPI specs

Features

Multi-level Import: Import to team, company, or personal workspaces
Format Detection: Automatic detection of collection format
Progress Indicators: Visual feedback during import process
Error Handling: Clear error messages for troubleshooting
Public/Private: Control collection visibility
URL Import: Direct import from Swagger URLs without downloading

Output

✓ Collection imported successfully to team 688c63fe5e9ad48f3217e75f
Collection ID: 68d123abc456def789012345

Error Handling

Authentication required - must be logged in via ata login
Project ID validation ensures target exists
File existence checks before upload
Format validation for collection files
Network error handling for URL imports

📊 API Monitoring

Create and manage automated API monitors to continuously test your collections on schedules, receive failure notifications, and track performance over time.

Create Monitor

ata monitor create --project <PROJECT_ID> --team <TEAM_ID> --name <NAME> --collection <COLLECTION_ID> [options]

Create a new API monitor with scheduling and notification configurations.

Required Options

Option	Description
`--project <PROJECT_ID>`	Project ID for the monitor
`--team <TEAM_ID>`	Team ID for the monitor
`--name <NAME>`	Monitor name
`--collection <COLLECTION_ID>`	Collection ID to monitor

Optional Configuration

Option	Description	Default
`--type <TYPE>`	Monitor type (AD_HOC or SCHEDULED)	AD_HOC
`--status <STATUS>`	Initial status (DRAFT or ACTIVE)	DRAFT
`--env <ENV_ID>`	Environment ID(s) to use (can specify multiple)	-
`--global-env <GLOBAL_ENV_ID>`	Global environment ID	-

Scheduling Options

Option	Description	Example
`--frequency <FREQUENCY>`	Execution frequency (DAYS, WEEKS, MONTHS)	WEEKS
`--day <DAY>`	Day of week for weekly execution	MONDAY
`--time <TIME>`	Execution time (HH:MM format)	08:00

Notification Options

Option	Description	Example
`--failure-email <EMAILS>`	Email addresses for failure notifications (comma-separated)	alert@example.com
`--report-email <EMAILS>`	Email addresses for report delivery (comma-separated)	report@example.com
`--retry-option <OPTION>`	Retry option on failure	retryAfterInHour
`--retry-interval <INTERVAL>`	Retry interval	1

Examples

Create a Basic Monitor

ata monitor create --project 68a6ff1aca191aa0c2e2d338 --team 68903049d0c5b7af278a038a --name "Production API Monitor" --collection 68cd1de4de25bda1a6410aa9

Create a Scheduled Monitor with Notifications

ata monitor create \
  --project 68a6ff1aca191aa0c2e2d338 \
  --team 68903049d0c5b7af278a038a \
  --name "Weekly API Health Check" \
  --collection 68cd1de4de25bda1a6410aa9 \
  --type SCHEDULED \
  --status ACTIVE \
  --frequency WEEKS \
  --day MONDAY \
  --time 08:00 \
  --failure-email "alerts@example.com,team@example.com" \
  --report-email "reports@example.com" \
  --env 68b6882d075f76072ec76117

Create Monitor with Multiple Environments

ata monitor create \
  --project 68a6ff1aca191aa0c2e2d338 \
  --team 68903049d0c5b7af278a038a \
  --name "Multi-Env Monitor" \
  --collection 68cd1de4de25bda1a6410aa9 \
  --env 68b6882d075f76072ec76117 \
  --env 68b6882d075f76072ec76118 \
  --global-env 68b6882d075f76072ec76119

List Monitors

ata monitor list --project <PROJECT_ID> [options]

List all monitors for a project with filtering and pagination options.

Options

Option	Description	Default
`--project <PROJECT_ID>`	Project ID (required)	-
`--page <PAGE>`	Page number	1
`--size <SIZE>`	Page size	10
`--search-name <NAME>`	Search by name	-
`--monitor-name <NAME>`	Filter by monitor name	-
`--collection-name <NAME>`	Filter by collection name	-
`--status <STATUS>`	Filter by status (ACTIVE, DRAFT, PAUSED)	-
`--failure-via <VIA>`	Filter by failure notification method	-
`--report-via <VIA>`	Filter by report delivery method	-
`--created-at <DATE>`	Filter by creation date	-

Examples

# List all monitors for a project
ata monitor list --project 68a6ff1aca191aa0c2e2d338

# Filter by status and paginate
ata monitor list --project 68a6ff1aca191aa0c2e2d338 --status ACTIVE --page 2 --size 20

# Search for specific monitors
ata monitor list --project 68a6ff1aca191aa0c2e2d338 --search-name "production"

View Monitor Runs

ata monitor runs <MONITOR_ID>

Get the execution history for a specific monitor, including run status, test results, and performance metrics.

Example

ata monitor runs 68cd1f153ad693e0e260a15d

Output

==============================================
             Monitor Run History
==============================================
Monitor ID: 68cd1f153ad693e0e260a15d
──────────────────────────────────────────────
Summary:
  Total Runs: 24
  ✓ Successful: 20
  ✗ Failed: 4
──────────────────────────────────────────────

Run #1 [Tag: 1758273305009]
Status: ✓ SUCCESS
Date: 1/19/2025, 2:15:05 PM
Requests: 10
Tests: 25 total (23 passed, 2 failed)
Duration: 1250ms

Run #2 [Tag: 1758273304008]
Status: ✗ FAILED
Date: 1/19/2025, 2:00:04 PM
Requests: 10
Tests: 25 total (18 passed, 7 failed)
Duration: 1450ms
Error: Connection timeout

Get Run Details

ata monitor run-details <MONITOR_ID> --tag <TAG> [--output <FILE>]

Get a detailed report for a specific monitor run, including individual request results, test outcomes, and performance metrics.

Options

Option	Description
`--tag <TAG>`	Run tag identifier (required)
`--output <FILE>`	Save detailed report to JSON file

Example

# View run details in console
ata monitor run-details 68cd1f153ad693e0e260a15d --tag 1758273305009

# Save detailed report to file
ata monitor run-details 68cd1f153ad693e0e260a15d --tag 1758273305009 --output report.json

Detailed Report Output

==============================================
          Monitor Run Detailed Report
==============================================
Monitor ID: 68cd1f153ad693e0e260a15d
Run Tag: 1758273305009

📊 Run Summary:
Status: ✓ SUCCESS
Executed At: 1/19/2025, 2:15:05 PM
Duration: 1.3s

📝 Request Statistics:
  Total Requests: 10
  ✓ Successful: 9
  ✗ Failed: 1

🧪 Test Results:
  Total Tests: 25
  ✓ Passed: 23
  ✗ Failed: 2

📋 Test Cases:
  ✓ Check status code is 200
  ✓ Verify response time < 500ms
  ✗ Validate response schema
     Error: Expected property 'id' to be present
  ✓ Check content-type header

📨 Request Details:
  Request #1: GET /api/users
  Method: GET
  URL: https://api.example.com/api/users
  Status Code: 200
  Response Time: 125ms
  Tests:
    ✓ Status code is 200
    ✓ Response time < 500ms

⚡ Performance Metrics:
  Average Response Time: 135ms
  Min Response Time: 89ms
  Max Response Time: 245ms
  P95 Response Time: 210ms

Features

Automated Monitoring: Schedule collections to run automatically at specified intervals
Multi-Environment Support: Test with multiple environments in a single monitor
Failure Notifications: Get email alerts when monitors fail
Report Delivery: Receive regular reports via email
Run History: Track monitor performance over time
Detailed Reporting: Drill down into specific run details
Performance Metrics: Monitor API response times and reliability
Retry Logic: Configure automatic retry on failures

Monitor States

DRAFT: Monitor is configured but not running
ACTIVE: Monitor is actively running on schedule
PAUSED: Monitor is temporarily suspended
FAILED: Monitor encountered an error

🤝 Team Commands

List Teams

ata team list

List all teams assigned to the current user, including team names, IDs, descriptions, and member counts.

Example Output

==============================================
         Available Teams         
==============================================
──────────────────────────────────────────────
Team: Backend Developers [6848011ff1118197c2bf3dd4]
Created: 6/10/2025, 9:55:44 AM
Description: Core development team for API services
Members: 8
Alias: be-dev
──────────────────────────────────────────────

✓ 3 teams retrieved successfully.

List Business Applications for a Team

ata team business-apps <TEAM_ID>

Display all business applications associated with a specific team, including detailed information about each application.

Arguments

Option	Description	Required
`<TEAM_ID>`	The Team ID to get business apps for	Yes

Example

ata team business-apps 6848011ff1118197c2bf3dd4

Example Output

=======================================================
         Business Applications for Team         
=======================================================
──────────────────────────────────────────────────────────
Title: Backend Developers [68480147654d33540dea419f]
Created: 6/10/2025, 9:56:23 AM
Description: 
Type: PUBLIC
Category: TEAM
──────────────────────────────────────────────────────────
Title: Team Business Application [684801208724f47ae6fcbc73]
Created: 6/10/2025, 9:55:44 AM
Description: Default Project
Type: PUBLIC
Category: TEAM
Robustness Tests: 9
Security Tests: 19
──────────────────────────────────────────────────────────

✓ 2 business application(s) retrieved successfully.

📋 Policy Management

List Governance Policies

ata policy list [OPTIONS]

List all governance policies with support for filtering, searching, and pagination. Policies help enforce API design standards and best practices across your organization.

Options

Option	Description	Default
`--page <NUMBER>`	Page number for pagination	1
`--size <NUMBER>`	Number of policies per page	10
`--search <TEXT>`	Search term to filter policies	-
`--type <TYPE>`	Filter by policy type	-
`--status <STATUS>`	Filter by status (ACTIVE, DRAFT, DISABLED, ARCHIVED)	-

Examples

# List all policies with default pagination
ata policy list

# Search for specific policies
ata policy list --search "OWASP"

# Filter by status and use custom pagination
ata policy list --status ACTIVE --page 2 --size 5

# Combine search and filters
ata policy list --search "security" --type API --status DRAFT

Example Output

==============================================
          Governance Policies
==============================================

OWASP Top 10 [6890304962f5aa3c08a9ee01] ● ACTIVE
Documentation [6890304962f5aa3c08a9edfc] ○ DRAFT
Zalando [6890304962f5aa3c08a9ee06] ○ DRAFT
Versioning [6890304962f5aa3c08a9ee05] ○ DRAFT
URL Style Guidelines [6890304962f5aa3c08a9ee04] ○ DRAFT
Spell Check [6890304962f5aa3c08a9ee02] ○ DISABLED
JSON API [6890304962f5aa3c08a9edff] ● ACTIVE
OWASP Top 10 2023 [6890304962f5aa3c08a9ee00] ● ACTIVE
Enforce HTTPs [6890304962f5aa3c08a9edfd] ○ DRAFT
Security Best Practices [6890304962f5aa3c08a9eefe] ⊘ ARCHIVED

Page 1 of 2 (Total: 15 policies)
Use --page 2 to see more results

✓ 10 policy(ies) retrieved successfully.

🏗️ Application Management

Create and manage applications with their versions and packages. This complete lifecycle management enables you to organize APIs, track versions, and integrate OpenAPI specifications.

Create Application

ata app create --project <PROJECT_ID> --team <TEAM_ID> --name <NAME> [options]

Create a new application in your project with configuration for deployment, technology stack, and integration settings.

Examples

# Basic application
ata app create --project 689c0a5b --team 68903049 --name "Payment API"

# Full configuration
ata app create \
  --project 689c0a5b \
  --team 68903049 \
  --name "Payment Gateway API" \
  --description "Secure payment processing service" \
  --tech-stack BACKEND \
  --tech-stack-data EXPRESS_JS \
  --deployment-server SERVERLESS \
  --git-tracking \
  --git-url "https://github.com/myorg/payment-api.git"

Create Application Version

ata app version-create --project <PROJECT_ID> --team <TEAM_ID> --application <APP_ID> --name <VERSION> [options]

Create versions for your applications to track changes and manage different releases.

Examples

# Basic version
ata app version-create \
  --project 689c0a5b \
  --team 68903049 \
  --application 68cd3243a7e3cf \
  --name "1.0.0"

# Version with policies
ata app version-create \
  --project 689c0a5b \
  --team 68903049 \
  --application 68cd3243a7e3cf \
  --name "2.0.0" \
  --status DRAFT \
  --policies "6890304962f5aa3c08a9ee01,6890304962f5aa3c08a9ee02"

Create Version Package

ata app package-create --project <PROJECT_ID> --team <TEAM_ID> --application <APP_ID> --version <VERSION_ID> [options]

Create a package for an application version, optionally including OpenAPI specifications. The package can then be imported as a collection.

Examples

# Basic package
ata app package-create \
  --project 689c0a5b \
  --team 68903049 \
  --application 68cd3243a7e3cf \
  --version 68cd3244a7e3cf

# Package with OpenAPI spec
ata app package-create \
  --project 689c0a5b \
  --team 68903049 \
  --application 68cd3243a7e3cf \
  --version 68cd3244a7e3cf \
  --openapi ./openapi.json

# The created package can be imported as a collection:
# ata collection import-package <PACKAGE_ID>

Publish Version Package

ata app package-publish <PACKAGE_ID> [options]

Publish a version package to make it active and available for deployments and imports. Publishing changes the package status from DRAFT to ACTIVE.

Examples

# Basic publish
ata app package-publish 68cb9143ce4b1689dfcb824c

# Publish with version and git info
ata app package-publish 68cb9143ce4b1689dfcb824c \
  --version "2.0.0" \
  --git-url "https://github.com/myorg/api.git" \
  --branch "main" \
  --tag "v2.0.0"

# Force publish without confirmation
ata app package-publish 68cb9143ce4b1689dfcb824c --force

Clone Version Package

ata app package-clone --version <VERSION_ID> --package <PACKAGE_ID>

Create a duplicate of an existing version package. This is useful for creating variants of a package or duplicating a package for different environments.

Options

Option	Description	Required
`--version <VERSION_ID>`	Application version ID	Yes
`--package <PACKAGE_ID>`	Package ID to clone	Yes

Example

ata app package-clone --version 68cd3244a7e3cf --package 68cb9143ce4b1689dfcb824c

Example Output

✓ Version package cloned successfully!

==============================================
         Version Package Details
==============================================
Package ID: 68cd3245a7e3cf7b6b0e5f20
Application ID: 68cd3243a7e3cf7b6b0e5f1e
Version ID: 68cd3244a7e3cf
Version: 1.0.0
Status: DRAFT

You can now import this package as a collection using:
ata collection import-package 68cd3245a7e3cf7b6b0e5f20

Change Package Status

ata app package-status --package <PACKAGE_ID> --status <STATUS>

Update the status of a version package. Common statuses include DRAFT, ACTIVE, ARCHIVED.

Options

Option	Description	Required
`--package <PACKAGE_ID>`	Package ID	Yes
`--status <STATUS>`	New status (e.g., DRAFT, ACTIVE, ARCHIVED)	Yes

Example

ata app package-status --package 68cb9143ce4b1689dfcb824c --status ACTIVE

Example Output

✓ Package status retrieved successfully!

==============================================
         Version Package Details
==============================================
Package ID: 68cb9143ce4b1689dfcb824c
Application ID: 68cd3243a7e3cf7b6b0e5f1e
Version ID: 68cd3244a7e3cf
Version: 1.0.0
Status: ACTIVE

You can now import this package as a collection using:
ata collection import-package 68cb9143ce4b1689dfcb824c

Set Branch Configuration

ata app set-branch --package <PACKAGE_ID> --branch <BRANCH_NAME> [--environment <ENV_NAME>]

Configure Git branch settings for a package. This is essential for integrating with version control systems and is required before using magic-sync for design documentation and release notes.

Options

Option	Description	Required
`--package <PACKAGE_ID>`	Package ID	Yes
`--branch <BRANCH_NAME>`	Git branch name	Yes
`--environment <ENV_NAME>`	Environment name (for environment-specific branches)	No

Examples

# Set default branch for a package
ata app set-branch --package 68cb9143ce4b1689dfcb824c --branch main

# Set environment-specific branch
ata app set-branch --package 68cb9143ce4b1689dfcb824c --branch develop --environment dev
ata app set-branch --package 68cb9143ce4b1689dfcb824c --branch staging --environment uat
ata app set-branch --package 68cb9143ce4b1689dfcb824c --branch main --environment prod

Example Output

✓ Branch configuration updated successfully!

─────────────────────────────────────────
        Branch Configuration
─────────────────────────────────────────
Package ID: 68cb9143ce4b1689dfcb824c
Environment: dev
Branch: develop
─────────────────────────────────────────

All Branch Configurations:
  1. dev: develop
  2. uat: staging
  3. prod: main

Important Notes

Branch configuration is required before using magic-sync with --design-doc or --release-note options
Each environment-branch combination must be unique
The CLI will validate uniqueness and show error if duplicates are found

Magic Sync

ata app magic-sync --package <PACKAGE_ID> --application <APP_ID> --version <VERSION_ID> --project <PROJECT_ID> --team <TEAM_ID> [options]

Comprehensive synchronization tool for managing API collections, design documentation, and release notes. This powerful command automates multiple aspects of API lifecycle management.

Required Options

Option	Description
`--package <PACKAGE_ID>`	Package ID
`--application <APP_ID>`	Application ID
`--version <VERSION_ID>`	Version ID
`--project <PROJECT_ID>`	Project ID
`--team <TEAM_ID>`	Team ID

Sync Operations (At least one required)

Option	Description
`--api-collection`	Sync API collection from OpenAPI spec
`--design-doc`	Generate design documentation from GitHub repository
`--release-note`	Generate AI-powered release notes

Prerequisites

For --design-doc and --release-note: Git repository must be configured in the application
For --design-doc: Branch must be set using ata app set-branch command

Examples

Sync API Collection Only

ata app magic-sync \
  --package 68cd3244a7e3cf7b6b0e5f1f \
  --application 68cd3243a7e3cf7b6b0e5f1e \
  --version 68cd3244a7e3cf \
  --project 689c0a5b251a3b05ffa18608 \
  --team 68903049d0c5b7af278a038a \
  --api-collection

Sync Design Documentation

# First, set the branch configuration (required)
ata app set-branch --package 68cd3244a7e3cf7b6b0e5f1f --branch main

# Then run magic-sync with design-doc
ata app magic-sync \
  --package 68cd3244a7e3cf7b6b0e5f1f \
  --application 68cd3243a7e3cf7b6b0e5f1e \
  --version 68cd3244a7e3cf \
  --project 689c0a5b251a3b05ffa18608 \
  --team 68903049d0c5b7af278a038a \
  --design-doc

Sync All Components

ata app magic-sync \
  --package 68cd3244a7e3cf7b6b0e5f1f \
  --application 68cd3243a7e3cf7b6b0e5f1e \
  --version 68cd3244a7e3cf \
  --project 689c0a5b251a3b05ffa18608 \
  --team 68903049d0c5b7af278a038a \
  --api-collection \
  --design-doc \
  --release-note

Example Output

API Collection Sync:

═════════════════════════════════════════
          Magic Sync Initiated
═════════════════════════════════════════
Team ID: 68903049d0c5b7af278a038a
Project ID: 689c0a5b251a3b05ffa18608
Application ID: 68cd3243a7e3cf7b6b0e5f1e
Version ID: 68cd3244a7e3cf
Package ID: 68cd3244a7e3cf7b6b0e5f1f
─────────────────────────────────────────
Sync Operations:
  ✓ API Collections
═════════════════════════════════════════

✓ API Collections synced successfully!

─────────────────────────────────────────
         API Collection Details
─────────────────────────────────────────
Collection Name: Payment API Collection
Collection Type: SWAGGER
Collection ID: 68cd3246a7e3cf7b6b0e5f21
Version: 1.0.0

═════════════════════════════════════════
          Sync Summary
═════════════════════════════════════════
API Collections: ✓ Success
─────────────────────────────────────────
Total: 1/1 operations completed successfully
═════════════════════════════════════════

✓ All sync operations completed successfully!

Design Documentation Sync:

✓ Design Documents sync initiated successfully!

─────────────────────────────────────────
      Design Documents Sync Details
─────────────────────────────────────────
Repository: https://github.com/myorg/payment-api.git
Branch: main
Status: Processing in background

Note: Design document generation is running in the background.
Check your dashboard for completion status.

Release Notes Sync:

✓ Release Notes sync initiated successfully!

─────────────────────────────────────────
        Release Notes Sync Details
─────────────────────────────────────────
Release Note Type: FULL
Status: Processing in background

Note: Release notes generation is running in the background.
Check for the completion status.

Features

API Collection Sync: Automatically generates test collections from OpenAPI specifications
Design Documentation: AI-powered documentation generation from your GitHub repository
Release Notes: Automated release notes generation based on version changes
Background Processing: Design docs and release notes process asynchronously
Batch Operations: Run multiple sync operations in a single command

Error Handling

If branch is not set for design docs: CLI will show error with instructions to run set-branch command
If repository URL is missing: Error message with configuration instructions
Each operation reports individual success/failure status
Summary shows overall completion status

Security Insights

ata app security-insight --package <PACKAGE_ID> --project <PROJECT_ID> --team <TEAM_ID> [scan-options]

Perform comprehensive security scans on your application package. This command integrates multiple security scanning tools to identify vulnerabilities, secrets, license issues, and more.

Required Options

Option	Description
`--package <PACKAGE_ID>`	Package ID to scan
`--project <PROJECT_ID>`	Project ID
`--team <TEAM_ID>`	Team ID

Scan Options (At least one required)

Option	Description
`--vulnerability`	Scan for vulnerabilities in dependencies
`--secret-detection`	Detect secrets and credentials in code
`--license-compliance`	Check license compliance of dependencies
`--iac-security`	Scan Infrastructure as Code (IaC) security issues
`--container-image`	Scan container images for vulnerabilities
`--sast`	Perform Static Application Security Testing (SAST)
`--all`	Run all security scans

Prerequisites

Package must have branch and environment configured using ata app set-branch command
Application must have a Git repository configured

Examples

Run Vulnerability Scan Only

# First, set the branch configuration (required)
ata app set-branch --package 68cb9143ce4b1689dfcb824c --branch main --environment prod

# Run vulnerability scan
ata app security-insight \
  --package 68cb9143ce4b1689dfcb824c \
  --project 689c0a5b251a3b05ffa18608 \
  --team 68903049d0c5b7af278a038a \
  --vulnerability

Run Multiple Specific Scans

ata app security-insight \
  --package 68cb9143ce4b1689dfcb824c \
  --project 689c0a5b251a3b05ffa18608 \
  --team 68903049d0c5b7af278a038a \
  --vulnerability \
  --secret-detection \
  --license-compliance

Run All Security Scans

ata app security-insight \
  --package 68cb9143ce4b1689dfcb824c \
  --project 689c0a5b251a3b05ffa18608 \
  --team 68903049d0c5b7af278a038a \
  --all

Example Output

Configuration Selection (Multiple Environments):

═════════════════════════════════════════
          Security Insight Initiated
═════════════════════════════════════════

Valid configurations found:
  1. ID: abc123, Environment: dev, Branch: develop
  2. ID: def456, Environment: prod, Branch: main

? Select environment and branch configuration: (Use arrow keys)
❯ dev - develop
  prod - main

Scan Execution:

─────────────────────────────────────────
Package ID: 68cb9143ce4b1689dfcb824c
Repository: https://github.com/myorg/payment-api.git
Environment: prod
Branch: main
─────────────────────────────────────────
Security Scans:
  ✓ Vulnerability Scan
  ✓ Secret Detection
  ✓ License Compliance
─────────────────────────────────────────

✓ Vulnerability scan completed successfully!

═════════════════════════════════════════
      Vulnerability Scan Results
═════════════════════════════════════════
Total Vulnerabilities: 12
Critical: 2
High: 4
Medium: 5
Low: 1
─────────────────────────────────────────

✓ Secret detection scan completed successfully!

═════════════════════════════════════════
       Secret Detection Results
═════════════════════════════════════════
Total: 3
Critical: 1
High: 2
Medium: 0
Low: 0
─────────────────────────────────────────

✓ License compliance scan completed successfully!

═════════════════════════════════════════
      License Compliance Results
═════════════════════════════════════════
Total: 45
Critical: 0
High: 0
Medium: 2
Low: 3
Good: 40
─────────────────────────────────────────

═════════════════════════════════════════
          Scan Summary
═════════════════════════════════════════
Vulnerability Scan: ✓ Success
Secret Detection: ✓ Success
License Compliance: ✓ Success
─────────────────────────────────────────
Total: 3/3 scans completed successfully
─────────────────────────────────────────

✓ All security scans completed successfully!

Security Scan Types

Vulnerability Scanning

Scans dependencies for known CVEs and security vulnerabilities
Provides severity levels: Critical, High, Medium, Low
Identifies outdated packages with known security issues

Secret Detection

Scans codebase for hardcoded secrets, API keys, passwords, and credentials
Detects various secret types: AWS keys, database passwords, private keys, tokens
Prevents accidental exposure of sensitive information

License Compliance

Analyzes all dependency licenses
Identifies potential license conflicts
Categorizes licenses by risk level
Helps maintain compliance with licensing requirements

IaC Security

Scans Infrastructure as Code files (Terraform, CloudFormation, Kubernetes, etc.)
Identifies security misconfigurations
Checks for best practices violations
Detects potential security risks in infrastructure definitions

Container Image Scanning

Scans Docker and container images
Identifies vulnerabilities in base images and layers
Checks for outdated packages in containers
Validates container security configurations

SAST (Static Application Security Testing)

Analyzes source code for security vulnerabilities
Detects common security flaws: SQL injection, XSS, CSRF, etc.
Identifies insecure coding patterns
Provides code-level security recommendations

Error Handling

If branch configuration is missing: Error with instructions to run set-branch command
If repository URL is not configured: Error message with configuration steps
If multiple environments exist: Interactive prompt to select environment
Individual scan failures are reported with detailed error messages
Overall summary shows success/failure count

Create API Access Request

ata app access-request \
  --team <TEAM_ID> \
  --project <PROJECT_ID> \
  --application <APP_ID> \
  --appVersion <VERSION_ID> \
  --type <TYPE> \
  --requestTeam <REQUEST_TEAM_ID> \
  --requestProject <REQUEST_PROJECT_ID> \
  --requestApplication <REQUEST_APP_ID> \
  --requestType <REQUEST_TYPE> \
  [type-specific-options]

Create API access requests for applications to request access to other APIs or services. This enables proper access control and dependency management between applications.

Required Options

Option	Description	Values
`--team <TEAM_ID>`	Team ID making the request	Team ID string
`--project <PROJECT_ID>`	Project ID	Project ID string
`--application <APP_ID>`	Application ID requesting access	Application ID string
`--appVersion <VERSION_ID>`	Application version ID	Version ID string
`--type <TYPE>`	Access request type	`CONSUMER`, `DEPENDENT_ON`
`--requestTeam <TEAM_ID>`	Target resource team ID	Team ID string
`--requestProject <PROJECT_ID>`	Target resource project ID	Project ID string
`--requestType <TYPE>`	Type of resource being requested	`API`, `SERVICE`

Conditionally Required Options

Option	Description	Required For
`--requestApplication <APP_ID>`	Target application ID	CONSUMER type and DEPENDENT_ON with API (optional for DEPENDENT_ON with SERVICE)
`--apiInfo <API_INFO_ID>`	API Info ID	CONSUMER type only
`--requestApi <API_ID>`	Target API ID	API request type
`--requestVersion <VERSION_ID>`	Target API version ID	API request type
`--service <SERVICE_ID>`	Service ID	SERVICE request type
`--serviceList <IDs>`	Comma-separated service list IDs	SERVICE request type

Access Request Types

CONSUMER Type

Used when an application wants to consume another API
Requires --apiInfo parameter
--requestType must be API
Creates a consumer-provider relationship

DEPENDENT_ON Type

Used when an application depends on another API or service
Can work with both API and SERVICE request types
More flexible dependency management

Examples

Example 1: CONSUMER Type (API Access)

ata app access-request \
  --team "690b009797745f554ec67540" \
  --project "690b00ea1ea8bdc5de00020a" \
  --application "692d45dc10e93f885d9e7e52" \
  --appVersion "692d45dc10e93f885d9e7e56" \
  --type "CONSUMER" \
  --apiInfo "692ec3ba736b19ff741248e5" \
  --requestTeam "690b009797745f554ec67540" \
  --requestProject "690b00ea1ea8bdc5de00020a" \
  --requestApplication "692fcbf90834ecb3fa80bc39" \
  --requestType "API" \
  --requestApi "692fcc5a0834ecb3fa80bcc3" \
  --requestVersion "692fcbf90834ecb3fa80bc3d"

Example 2: DEPENDENT_ON Type (API Access)

ata app access-request \
  --team "690b009797745f554ec67540" \
  --project "690b00ea1ea8bdc5de00020a" \
  --application "692d6af310e93f885d9e868d" \
  --appVersion "692d6af310e93f885d9e8691" \
  --type "DEPENDENT_ON" \
  --requestTeam "690b009797745f554ec67540" \
  --requestProject "690b00ea1ea8bdc5de00020a" \
  --requestApplication "692fcbf90834ecb3fa80bc39" \
  --requestType "API" \
  --requestApi "692fcc5a0834ecb3fa80bcc3" \
  --requestVersion "692fcbf90834ecb3fa80bc3d"

Example 3: DEPENDENT_ON Type (Service Access)

ata app access-request \
  --team "690b009797745f554ec67540" \
  --project "690b00ea1ea8bdc5de00020a" \
  --application "69253a761920787f2fb4658f" \
  --appVersion "69253a761920787f2fb46593" \
  --type "DEPENDENT_ON" \
  --requestTeam "690b009797745f554ec67540" \
  --requestProject "690b00ea1ea8bdc5de00020a" \
  --requestType "SERVICE" \
  --service "6916faa3c070332b7dd0c6c1" \
  --serviceList "6916fad1c070332b7dd0c6c6,6916fad1c070332b7dd0c6c7"

Example Output

CONSUMER Type Request:

✓ Access request created successfully!

==============================================
       Access Request Details
==============================================
Type: CONSUMER
Team: 690b009797745f554ec67540
Project: 690b00ea1ea8bdc5de00020a
Application: 692d45dc10e93f885d9e7e52
App Version: 692d45dc10e93f885d9e7e56
Request ID: 694abc123def456789012345

--- Request Details ---
API Info: 692ec3ba736b19ff741248e5
Request Type: API
Request Team: 690b009797745f554ec67540
Request Project: 690b00ea1ea8bdc5de00020a
Request Application: 692fcbf90834ecb3fa80bc39
Request API: 692fcc5a0834ecb3fa80bcc3
Request Version: 692fcbf90834ecb3fa80bc3d
==============================================

SERVICE Type Request:

✓ Access request created successfully!

==============================================
       Access Request Details
==============================================
Type: DEPENDENT_ON
Team: 690b009797745f554ec67540
Project: 690b00ea1ea8bdc5de00020a
Application: 69253a761920787f2fb4658f
App Version: 69253a761920787f2fb46593
Request ID: 694xyz789abc012345678901

--- Request Details ---
Request Type: SERVICE
Request Team: 690b009797745f554ec67540
Request Project: 690b00ea1ea8bdc5de00020a
Service: 6916faa3c070332b7dd0c6c1
Service List: 6916fad1c070332b7dd0c6c6,6916fad1c070332b7dd0c6c7
==============================================

Field Requirements Summary

Field	CONSUMER + API	DEPENDENT_ON + API	DEPENDENT_ON + SERVICE
`--team`	✅ Required	✅ Required	✅ Required
`--project`	✅ Required	✅ Required	✅ Required
`--application`	✅ Required	✅ Required	✅ Required
`--appVersion`	✅ Required	✅ Required	✅ Required
`--type`	✅ CONSUMER	✅ DEPENDENT_ON	✅ DEPENDENT_ON
`--apiInfo`	✅ Required	❌ Not used	❌ Not used
`--requestTeam`	✅ Required	✅ Required	✅ Required
`--requestProject`	✅ Required	✅ Required	✅ Required
`--requestApplication`	✅ Required	✅ Required	⚪ Optional
`--requestType`	✅ Must be API	✅ API	✅ SERVICE
`--requestApi`	✅ Required	✅ Required	❌ Not used
`--requestVersion`	✅ Required	✅ Required	❌ Not used
`--service`	❌ Not used	❌ Not used	✅ Required
`--serviceList`	❌ Not used	❌ Not used	✅ Required

Use Cases

Consumer Access Requests

Mobile app requesting access to backend API
Frontend application consuming microservices
Third-party integrations requiring API access
Partner applications needing controlled access

Dependency Management

Tracking service dependencies in microservice architecture
Managing API version dependencies
Documenting inter-service communication
Handling service mesh relationships

Service Access

Requesting access to shared services (authentication, logging, etc.)
Database service access management
Message queue and event stream subscriptions
Caching service access requests

Error Handling

Missing required fields trigger clear validation errors with usage instructions
Invalid type combinations are caught with helpful error messages
Authentication failures include login instructions
API errors show detailed response information for troubleshooting

Prerequisites

Must be logged in via ata login
Application and version must exist
Target resources (APIs, services) must be accessible
Proper permissions in the team and project

List API Access Requests

ata app access-request-list [OPTIONS]

List and browse API access requests with filtering and pagination support. View requests you've made or requests made to your APIs.

Options

Option	Description	Default
`--page <page>`	Page number for pagination	1
`--size <size>`	Number of requests per page	10
`--requestFor <requestFor>`	Filter by request direction	-
`--team <teamId>`	Filter by team ID	-
`--project <projectId>`	Filter by project ID	-

Request Direction Filter

Value	Description
`BY_ME`	Show access requests you have created
`TO_ME`	Show access requests made to your APIs/services

Examples

List All Access Requests (Default)

ata app access-request-list

List Requests You've Made

ata app access-request-list --requestFor BY_ME

List Requests Made to Your APIs

ata app access-request-list --requestFor TO_ME

Filter by Team and Project

ata app access-request-list \
  --team "690b009797745f554ec67540" \
  --project "690b00ea1ea8bdc5de00020a"

List with Pagination

# First page with 20 items
ata app access-request-list --page 1 --size 20

# Second page
ata app access-request-list --page 2 --size 20

Combined Filters

ata app access-request-list \
  --requestFor BY_ME \
  --team "690b009797745f554ec67540" \
  --project "690b00ea1ea8bdc5de00020a" \
  --page 1 \
  --size 15

Example Output

==============================================
         API Access Requests
==============================================

Filters:
  Request For: BY_ME
  Team: 690b009797745f554ec67540

Total: 25 request(s)
Page 1 of 3
──────────────────────────────────────────────

1. Request ID: 694abc123def456789012345
   Type: CONSUMER
   Status: APPROVED
   Application: Payment Gateway API
   Version: 1.0.0
   Team: 690b009797745f554ec67540
   Project: 690b00ea1ea8bdc5de00020a
   Requests: 1 item(s)
     - API Info: 692ec3ba736b19ff741248e5
       • Type: API
         API: 692fcc5a0834ecb3fa80bcc3
   Created: 1/20/2025, 10:30:45 AM
   Updated: 1/20/2025, 11:15:22 AM
──────────────────────────────────────────────
2. Request ID: 694xyz789abc012345678901
   Type: DEPENDENT_ON
   Status: PENDING
   Application: Auth Service
   Version: 2.0.0
   Team: 690b009797745f554ec67540
   Project: 690b00ea1ea8bdc5de00020a
   Requests: 1 item(s)
       • Type: SERVICE
         Service: 6916faa3c070332b7dd0c6c1
   Created: 1/19/2025, 3:45:12 PM
   Updated: 1/19/2025, 3:45:12 PM
──────────────────────────────────────────────
3. Request ID: 694def456ghi789012345678
   Type: DEPENDENT_ON
   Status: REJECTED
   Application: Mobile App
   Version: 3.0.0
   Team: 690b009797745f554ec67540
   Project: 690b00ea1ea8bdc5de00020a
   Requests: 1 item(s)
       • Type: API
         API: 692fcc5a0834ecb3fa80bcc3
   Created: 1/18/2025, 9:20:33 AM
   Updated: 1/18/2025, 2:30:15 PM
──────────────────────────────────────────────

Showing page 1 of 3
Use --page 2 to see more results

==============================================

Status Values

Status	Description	Color
`APPROVED`	Request has been approved	Green
`PENDING`	Request is awaiting approval	Yellow
`REJECTED`	Request has been rejected	Red

Features

Pagination: Navigate through large lists of requests efficiently
Filtering: Find specific requests using multiple filter criteria
Direction Filter: Separate outgoing requests from incoming requests
Detailed View: See complete information for each request
Status Indicators: Color-coded status for quick identification
Timestamp Tracking: View creation and update times

Use Cases

Monitor Your Requests

# Check status of all requests you've made
ata app access-request-list --requestFor BY_ME

Review Incoming Requests

# See who is requesting access to your APIs
ata app access-request-list --requestFor TO_ME

Project-Specific Access Management

# View all access requests for a specific project
ata app access-request-list --project "690b00ea1ea8bdc5de00020a"

Team Collaboration

# Review all team access requests
ata app access-request-list --team "690b009797745f554ec67540"

Error Handling

Invalid --requestFor values trigger validation errors
Authentication failures show login instructions
Network errors provide clear troubleshooting guidance
Empty results display friendly "No access requests found" message

Prerequisites

Must be logged in via ata login
Proper permissions to view access requests in specified teams/projects

Review API Access Request

ata app access-request-review --accessRequestId <REQUEST_ID> --status <STATUS>

Approve or reject API access requests. This command allows authorized users to review and respond to access requests made to their APIs or services.

Required Options

Option	Description	Values
`--accessRequestId <REQUEST_ID>`	Access request ID to review	Request ID string
`--status <STATUS>`	Review decision	`APPROVED`, `REJECTED`

Examples

Approve an Access Request

ata app access-request-review \
  --accessRequestId "6932b0e1889fe4e81fd3ea20" \
  --status APPROVED

Reject an Access Request

ata app access-request-review \
  --accessRequestId "6932b0e1889fe4e81fd3ea20" \
  --status REJECTED

Example Output

Successful Approval:

✓ Access request approved successfully!

==============================================
       Access Request Review
==============================================
Request ID: 6932b0e1889fe4e81fd3ea20
New Status: APPROVED
Updated Request ID: 6932b0e1889fe4e81fd3ea20
Type: CONSUMER
Application: Payment Gateway API
Version: 1.0.0
Team: 690b009797745f554ec67540
Project: 690b00ea1ea8bdc5de00020a
Updated At: 1/20/2025, 2:45:30 PM

──────────────────────────────────────────────
The requesting application now has access to the requested resources.
==============================================

Successful Rejection:

✗ Access request rejected successfully!

==============================================
       Access Request Review
==============================================
Request ID: 6932b0e1889fe4e81fd3ea20
New Status: REJECTED
Updated Request ID: 6932b0e1889fe4e81fd3ea20
Type: DEPENDENT_ON
Application: Mobile App
Version: 2.0.0
Team: 690b009797745f554ec67540
Project: 690b00ea1ea8bdc5de00020a
Updated At: 1/20/2025, 2:50:15 PM

──────────────────────────────────────────────
The access request has been rejected. The requesting application does not have access.
==============================================

Status Values

Status	Description	Effect
`APPROVED`	Grant access to the requested resources	The requesting application can now access the API/service
`REJECTED`	Deny access to the requested resources	The requesting application cannot access the API/service

Workflow Integration

Typical Review Workflow:

# 1. List incoming access requests
ata app access-request-list --requestFor TO_ME

# 2. Review the request details and decide

# 3. Approve the request
ata app access-request-review \
  --accessRequestId "6932b0e1889fe4e81fd3ea20" \
  --status APPROVED

# 4. Verify the updated status
ata app access-request-list --requestFor TO_ME

Use Cases

API Provider Approval

Review and approve legitimate access requests from partner applications
Grant access to internal teams for development and testing
Control which applications can consume your APIs

Access Management

Reject unauthorized or suspicious access requests
Revoke access by rejecting previously approved requests
Maintain security and compliance by controlling API access

Team Collaboration

Coordinate with team members on access decisions
Track and audit all access approvals and rejections
Ensure proper authorization before granting API access

Error Handling

Request Not Found (404)

✗ Error: Not Found

Access request with ID "6932b0e1889fe4e81fd3ea20" not found.
Please verify the request ID and try again.

Permission Denied (403)

✗ Error: Forbidden

You do not have permission to review this access request.
Only authorized users can approve or reject access requests.

Already Reviewed (400)

✗ Error: Bad Request

Invalid request. The access request may already be reviewed.

Invalid Status

Invalid status value. Must be either APPROVED or REJECTED

Prerequisites

Must be logged in via ata login
Must have authorization to review access requests
The access request must exist and be in a reviewable state (typically PENDING)
Only users with appropriate permissions can approve/reject requests

Security Considerations

Only authorized team members can review access requests
All review actions are logged and auditable
Once approved, the requesting application gains immediate access
Rejected requests can be resubmitted for reconsideration

Best Practices

Review Promptly: Respond to access requests in a timely manner to avoid blocking dependent teams
Verify Identity: Ensure the requesting application and team are legitimate
Check Scope: Verify that the requested access level is appropriate
Document Decisions: Keep track of approval/rejection reasons for audit purposes
Communicate: Inform the requesting team of the decision, especially for rejections

Workflow Example

# 1. Create an application with Git tracking
ata app create --project PROJECT_ID --team TEAM_ID --name "My API" \
  --git-tracking --git-url "https://github.com/myorg/my-api.git"
# Returns: Application ID

# 2. Create a version
ata app version-create --project PROJECT_ID --team TEAM_ID \
  --application APP_ID --name "1.0.0"
# Returns: Version ID

# 3. Create a package with OpenAPI spec
ata app package-create --project PROJECT_ID --team TEAM_ID \
  --application APP_ID --version VERSION_ID --openapi ./spec.json
# Returns: Package ID

# 4. Set branch configuration (required for magic-sync and security insights)
ata app set-branch --package PACKAGE_ID --branch main --environment prod

# 5. Create access requests for API dependencies
ata app access-request --team TEAM_ID --project PROJECT_ID \
  --application APP_ID --appVersion VERSION_ID --type DEPENDENT_ON \
  --requestTeam REQ_TEAM_ID --requestProject REQ_PROJECT_ID \
  --requestApplication REQ_APP_ID --requestType API \
  --requestApi API_ID --requestVersion API_VERSION_ID

# 6. Run magic sync to generate API collections, docs, and release notes
ata app magic-sync --package PACKAGE_ID --application APP_ID \
  --version VERSION_ID --project PROJECT_ID --team TEAM_ID \
  --api-collection --design-doc --release-note

# 7. Run comprehensive security scans
ata app security-insight --package PACKAGE_ID --project PROJECT_ID \
  --team TEAM_ID --all

# 8. Change package status if needed
ata app package-status --package PACKAGE_ID --status ACTIVE

# 9. Publish the package to make it live
ata app package-publish PACKAGE_ID --version "1.0.0"

# 10. Clone package for another environment if needed
ata app package-clone --version VERSION_ID --package PACKAGE_ID
# Returns: New Package ID

# 11. Import the package as a collection for testing
ata collection import-package PACKAGE_ID

🛠 Other Commands

ata logout — Log out and remove stored login information
ata update — Update ATA CLI to the latest version

🤝 Contributing

Contributions, issues, and feature requests are welcome! Please see the issues page or submit a pull request.

📬 Support

For help or questions, please visit the AllThingsAPI website or contact support.

FAQs

What is @allthingsapi/ata-cli?

Is @allthingsapi/ata-cli popular?

Is @allthingsapi/ata-cli well maintained?

Package last updated on 05 Dec 2025

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install