Assign Scan policy

This endpoint assigns scan policy plugins to this application's scan policy.

The scan policy determines the set of vulnerability checks, known as 'plugins', and the technology flags that configure StackHawk security tests. Scan policies can be either predefined StackHawk Policies, identified by name, or customized Application Policies specific to an applicationId.


  • Utilize the All StackHawk Scan Policies endpoint to retrieve the names of accepted StackHawk scan policies.
  • Plugins within the scan policy dictate the vulnerability checks conducted in StackHawk security tests.
  • Technology flags within the scan policy further refine the behavior of these vulnerability checks in relation to applicable technologies.

Scan Policy Types:

  • StackHawk Policies: Identified by name, these predefined policies provide a standard set of plugins and tech flag configurations.
  • Application Policies: Tailored per applicationId, allowing for customized application-specific plugin and tech flag configurations.



This is recorded as APPLICATION_POLICY_MODIFIED User Activity.



This endpoint is NOT accessible to users with the Member role.
