Skip to content

API Server

Faraday Server API

Faraday has a RESTful API under _api url prefix where the server is configured (example: https://server.faradaysec.com:5985/_api/v3/)

The Faraday REST API enables you to interact with our server. Use this API to interact or integrate with Faraday server. This page documents the REST API, with HTTP response codes and example requests and responses.

We have a Swagger page to explore the api here:

Faraday Server API Description

Faraday has a Server RESTful API by default running on 127.0.0.1:5985.


INFO: On cloud, you have to replace this with "https://yourdomain.faradaysec.com/"


You can check all API endpoints with the command:

$ faraday-manage show-urls

Methods

POST: creates objects

GET: get a list of objects or get one object given its object_id

PUT: update object

DELETE: delete object

Headers

Our API endpoints support JSON and you must always include the header:

Content-Type: application/json

Authentication

The server API requires authentication. Currently, we support cookie authentication.

The endpoint for login is /_api/login and the json payload is:

{"email": "USERNAME", "password": "SECRET_PASSWORD"}

Endpoints Faraday Config: Here are the list of API endpoints for license, users, workspace and authentication:

(HEAD, POST, OPTIONS, GET) -> '/login' 
(HEAD, OPTIONS, GET) -> '/logout' 
(HEAD, OPTIONS, GET) -> '/session'
(HEAD, POST, OPTIONS, GET) -> '/change' 
(HEAD, OPTIONS, GET) -> '/config' 
(HEAD, OPTIONS, GET) -> '/_api/v3/licenses/'
(POST, OPTIONS) -> '/_api/v3/licenses/'
(OPTIONS, DELETE) -> '/_api/v3/licenses/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/licenses/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/licenses/<object_id>/'
(OPTIONS, DELETE) -> '/_api/v3/users/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/users/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/users/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/users/'
(POST, OPTIONS) -> '/_api/v3/users/'
(HEAD, OPTIONS, GET) -> '/_api/v3/in'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/'
(POST, OPTIONS) -> '/_api/v3/ws/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<object_id>/'

Host

This API endpoint allows you to change the Host objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/hosts/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/hosts/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/hosts/count/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/hosts/countVulns/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/hosts/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/hosts/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/hosts/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/hosts/<host_id>/services/'
(DELETE, OPTIONS) -> '/_api/v3/ws/<workspace_name>/hosts/bulk_delete/'
JSON Body of the Host object:

{
    "ip":"test",
    "hostnames": [],
    "mac":"00:00:00:00:00:00",
    "description":"",
    "default_gateway":"None",
    "os":"",
    "owned":false,
    "owner":""
}

Services

This API endpoint allows you to change the Service objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/services/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/services/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/services/count/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/services/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/services/<object_id>/'  
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/services/<object_id>/'

JSON Body of the Service object:

{
    "name":"test",
    "description":"",
    "owned":false,
    "owner":"",
    "ports":[8080],
    "protocol":"tcp",
    "parent":1156,
    "status":"open",
    "version":"",
    "type":"Service" 
}

Vulnerability This API endpoint allows you to change the Vulnerability objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/vulns/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/vulns/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/vulns/count/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/vulns/timeline/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/vulns/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/vulns/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/vulns/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/vulns/<vuln_id>/attachment/<attachment_filename>/' 
(POST, OPTIONS) -> '/_api/v3/ws/<workspace>/upload_report'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/tags/'

JSON Body of the Vulnerability object:


INFO: key named type can be:

vulnerability: Normal vulnerability, the parent could be a service or a host. vulnerability_web: Web vulnerability, the parent can only be a service.

{
    "owner":"faraday",
    "parent":1156,
    "parent_type":"Host",
    "type":"Vulnerability",
    "ws":"api",
    "confirmed":true,
    "data":"",
    "desc":"Testing API",
    "impact": 
    {
        "accountability":false,
        "availability":false,
        "confidentiality":false,
        "integrity":false
    },
    "name":"test",
    "owned":false,
    "policyviolations":[],
    "refs":[],
    "resolution":"",
    "severity":"high",
    "issuetracker":"",
    "status":"opened",
    "_attachments":{},
    "description":"",
    "protocol":"",
    "version":""
}

Tasks

This API endpoint allows you to change the Task objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/tasks/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/tasks/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/tasks/count/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/tasks/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/tasks/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/tasks/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/taskGroups/manualimport/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/taskGroups/import/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/taskGroups/count/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/taskGroups/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/taskGroups/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/taskGroups/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/taskGroups/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/taskGroups/'
(HEAD, OPTIONS, GET) -> '/_api/v3/task_template/'
(POST, OPTIONS) -> '/_api/v3/task_template/'
(OPTIONS, DELETE) -> '/_api/v3/task_template/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/task_template/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/task_template/<object_id>/'
(OPTIONS, DELETE) -> '/_api/v3/methodology_template/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/methodology_template/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/methodology_template/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/methodology_template/'
(POST, OPTIONS) -> '/_api/v3/methodology_template/'
JSON Body of the Task object:

{
    "name":"test", 
    "type":"TaskGroup", 
    "group_type":"instance", 
    "instance_of":"", 
    "tCompletedtasks":0, 
    "totaltasks":0
}

Reports This API endpoint allows you to create reports from the API and download them:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/reports/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/reports/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/reports/count/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/reports/countVulns/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/reports/listTemplates/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/reports/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/reports/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/reports/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/reports/<report_id>/download/'
JSON Body of the Reports object:

{
    "name":"Testing-API",
    "tags":[],
    "title":"Network XYZ",
    "enterprise":"ACMEINC",
    "scope":"Scope",
    "objectives":"Objetives",
    "summary":"Summ",
    "confirmed":false,
    "conclusions":"Conclusions",
    "recommendations":"Recommendations",
    "vuln_count":4,
    "template_name":"generic_default.docx",
    "grouped":false
}

Vulnerability Template

This API endpoint allows you to change the Vulnerability Template (VulnDB) objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/vulnerability_template/'
(POST, OPTIONS) -> '/_api/v3/vulnerability_template/'
(OPTIONS, DELETE) -> '/_api/v3/vulnerability_template/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/vulnerability_template/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/vulnerability_template/<object_id>/'

JSON Body of the Vulnerability Template object:

{
    "cwe":"",
    "description":"Test",
    "desc":"",
    "exploitation":"high",
    "name":"Testing API",
    "references":[],
    "refs":[],
    "resolution":"",
    "type":"vulnerability_template"
}

Credentials This API endpoint allows you to change the Credential objects:

(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/credential/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/credential/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/credential/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/credential/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/credential/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/credential/count/'
JSON Body of the Credentials object:

{
    "name":"Test",
    "username":"faraday",
    "password":"changeme",
    "type":"Cred",
    "parent_type":"Host",
    "parent":"1147",
    "owner":"",
    "description":""
}

Activity Feed

This API endpoint allows you to change the Activity Feed (from Dashboard) objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/activities/count/'
(HEAD, OPTIONS, GET) ->  '/_api/v3/ws/<workspace_name>/commands/activity_feed/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/activities/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/activities/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/activities/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/activities/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/activities/'

Comments

This API endpoint allows you to change the Comment objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/comment/count/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/comment/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/comment/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/comment/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/comment/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/comment/'

Commands

This API endpoint allows you to change the Commands objects:

(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/commands/count/'
(OPTIONS, DELETE) -> '/_api/v3/ws/<workspace_name>/commands/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/commands/<object_id>/'
(PUT, OPTIONS) -> '/_api/v3/ws/<workspace_name>/commands/<object_id>/'
(HEAD, OPTIONS, GET) -> '/_api/v3/ws/<workspace_name>/commands/'
(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/commands/'

Others:

(POST, OPTIONS) -> '/_api/v3/ws/<workspace_name>/comment_unique/'

Examples

Assuming that our credentials are:

username: faraday

password: changeme

Login: in order to be able to login through the API, you must supply your credentials and store them in a cookie file just as the following example:

    curl -s 'http://127.0.0.1:5985/_api/login' \
        -H 'Origin: http://127.0.0.1:5985/' -H 'Accept-Encoding: gzip, deflate, br' \
        -H 'Accept-Language: en-US,en;q=0.9' \
        -H 'Content-Type: application/json' \
        -H 'Accept: application/json, text/javascript, */*; q=0.01' \
        -H 'Referer: http://127.0.0.1:5985/' -H 'X-Requested-With: XMLHttpRequest' \
        -H 'Connection: keep-alive' \
        --data-binary '{"email":"faraday","password": "changeme"}' \
        --compressed -c cookie.txt > /dev/null

Creating a host: assuming our workspace name is test:

    curl -X POST http://127.0.0.1:5985/_api/v3/ws/test/hosts/ \
        -d '{"ip":"127.0.0.1","hostnames":["testing"], "mac":"00:00:00:00:00:00","description":"Testing API", "default_gateway":"None", "os":"Linux", "owned":true, "owner":""}' \
        -b cookie.txt \
        -H 'Content-Type: application/json'

Getting a list of hosts:

curl -X GET http://127.0.0.1:5985/_api/v3/ws/test/hosts/ -b cookie.txt

Creating a service:

    curl -X POST http://127.0.0.1:5985/_api/v3/ws/test/services/ \
        -d '{"name":"Test","description":"Testing API", "owned":true, "owner":"","ports":[8080],"protocol":"tcp","parent":1157,"status":"open","version":"","metadata":{"update_time":1533152663.994,"update_user":"","update_action":0,"creator":"","create_time":1533152663.994,"update_controller_action":"UI Web New","owner":""},"type":"Service"}' \
        -b cookie.txt \
        -H 'Content-Type: application/json'

Creating a vuln:

    curl -X POST http://127.0.0.1:5985/_api/v3/ws/test/vulns/ \
        -d '{"metadata":{"update_time":1533152883.927, "update_user":"", "update_action":0,"creator":"UI Web", "create_time":1533152883.927, "update_controller_action":"UI Web New", "owner":"faraday"}, "obj_id":"", "owner":"faraday", "parent":1157, "parent_type":"Host","type":"Vulnerability","ws":"test","confirmed":true,"data":"","desc":"New vulnerability created for API purposes","easeofresolution":"simple","impact":{"accountability":false, "availability":false, "confidentiality":false, "integrity":false},"name":"New Vuln - Testing API","owned":false,"policyviolations":[],"refs":[], "resolution":"", "severity":"critical", "issuetracker":"", "status":"opened","_attachments":{},"description":"","protocol":"","version":""}' \
        -b cookie.txt \
        -H 'Content-Type: application/json'

Creating a user:

    curl -X POST http://127.0.0.1:5985/_api/v3/users/ \
        -d '{"name":"faraday", "password":"changeme", "roles":["admin"], "type":"user", "role":"admin"}' \
        -b cookie.txt \
        -H 'Content-Type: application/json'

Generating a report:

    curl -X POST http://127.0.0.1:5985/_api/v3/ws/test/reports/ \
        -d '{"name":"Testing-API","tags":[], "title":"", "enterprise":"", "scope":"", "objectives":"", "summary":"", "confirmed":false, "conclusions":"", "recommendations":"", "vuln_count":2, "template_name":"generic_default.docx", "grouped":false}' \
        -b cookie.txt \
        -H 'Content-Type: application/json'

Uploading a report:

In order to be able to upload a report, you need the CSRF token and session's cookies. To get session's cookie, go to the Status Report and take it from RequestHeaders section of the console. And to get the CSRF token, in the same console, go to the tab Response.

On the first --form parameter,put the path of the file that you want to upload.

    curl -X POST http://127.0.0.1:5985/_api/v3/ws/api/upload_report \
       -H 'Content-Type: multipart/form-data' \
       --cookie "session=.eJw90M2KwjAQB_BXWXL2YGu9CB6UlGJhpgSCZeZS2FpNJ2YXqkI24rtv18O-wO__8VTdeRpuTm3u02NYqG48qc1TfXyqjWK9SyyUYVsWmMrUWDei9Etsj4FaDKydw-Qj5KZo9CWSNUu2uzXktQM5XSnxyJVZgTaRrYkk-xEt5ZQfVmT3DmcfKvrhcBQUKMgeIoQysb0knjMh-QIEliyQQzJZ0-IV_kx7DWDZY1WPmNCD9Fv1Wqj-Np27-7cfvv4noNTSVCZjXSaYK2KgiLqMTTtX1H7daMpmPnLFgtpHSk7YbN_c4zZM7ztUoV6_3rRiDA.DkoypQ.q7eGzh1oof8dKnbF4q6xD_n1d6o" \
       --form "file=@PATH/TO/FILE" \
       --form "csrf_token=IjYyYzhkNWQxMzA4MTZmMTQxMTliYTA5OTg2NWYzMWRmYzQ5MWM4Y2Ui.Dko4Zw.sZ-LLdGoxaNFUaySFFQMvyLecxc" \
       --compressed

Using the API to create a workspace

Here we provide a Python script using requests to create a new workspace:

# -*- coding: utf-8 -*-
import click
from requests import Session

@click.command()
@click.option('--username', prompt=True)
@click.option('--password', prompt=True)
@click.option('--server_address', prompt=True, help='Faraday server url', default='http://localhost:5985/')
@click.option('--workspace_name', prompt=True)
def create_workspace(username, password, server_address, workspace_name):
    print('Authentication to server {0}'.format(server_address))
    session = Session()
    # authentication to faraday server
    session.post(server_address + '/_api/login', json={'email': 'faraday', 'password': 'Password123'})
    # create new workspace
    ws_payload = {
            "customer":"",
            "name":workspace_name,
            "type":"Workspace",
            "users":["faraday"],
            "public":False,
            "children":[],
            "duration":{"start_date":"","end_date":""},
            "scope":[],
            "description":""
            }

    res = session.post(server_address + '/_api/v3/ws/', json=ws_payload)
    assert res.status_code == 201
    print('Workspace {0} created'.format(workspace_name))


create_workspace()

Using the API to create users in bulk

curl -s  'http://127.0.0.1:5985/_api/login' \
        -H 'Origin: http://127.0.0.1:5985/' -H 'Accept-Encoding: gzip, deflate, br' \
        -H 'Accept-Language: en-US,en;q=0.9' \
        -H 'Content-Type: application/json' \
        -H 'Accept: application/json, text/javascript, */*; q=0.01' \
        -H 'Referer: http://127.0.0.1:5985/' -H 'X-Requested-With: XMLHttpRequest' \
        -H 'Connection: keep-alive' \
        --data-binary '{"email":"faraday","password": "changeme"}' \
        --compressed -c cookie.txt 


while read -r line; do
    curl -X POST http://127.0.0.1:5985/_api/v3/users/ \
        -d '{"name":"'$line'","password":"Password123","roles":["client"],"type":"user","role":"client"}' \
        -H 'Content-Type: application/json' \
        -b cookie.txt
done < "users.txt"

Using the API to delete hosts in bulk

curl -X DELETE http://127.0.0.1:5985/_api/v3/ws/test/hosts/bulk_delete/ \
-d '{"hosts_ids": [ 1, 2, 3, 4]}' \
-b cookie.txt \
-H 'Content-Type: application/json'

Upload evidence to a Vulnerability

Remember to change the workspace name in the urls and vuln id to attach evidence.

curl -s  'http://127.0.0.1:5985/_api/login' \
        -H 'Content-Type: application/json' \
        -H 'Accept: application/json, text/javascript, */*; q=0.01' \
        -H 'Referer: http://127.0.0.1:5985/' -H 'X-Requested-With: XMLHttpRequest' \
        -H 'Connection: keep-alive' \
        --data-binary '{"email":"faraday","password": "changeme"}' \
        --compressed -c cookie.txt 

obtain csrf token to upload files

csrf_token=$(curl -s -X GET http://127.0.0.1:5985/_api/session -b cookie.txt -c csrf_cookie.txt| python -c "import sys, json; print json.load(sys.stdin)['csrf_token']")

Upload the file evidence.png

curl 'http://localhost:5985/_api/v3/ws/demo_workspace/vulns/251/attachment/' \
          -H 'Connection: keep-alive' --data-binary $'------WebKitFormBoundary4RCsZGBu1aaCqyxT\r\nContent-Disposition: form-data;name="csrf_token"\r\n\r\$csrf_token\r\n------WebKitFormBoundary4RCsZGBu1aaCqyxT\r\nContent-Disposition: form-data; name="file"; filename="evidence.png"\r\nContent-Type: image/png\r\n\r\n\r\n------WebKitFormBoundary4RCsZGBu1aaCqyxT--\r\n' \ 
          --compressed -c csrf_cookie.txt

Upload reports (XML results from tools) using curl

Please check the URLs and use the correct workspace name!

curl -s  'http://127.0.0.1:5985/_api/login' \
        -H 'Origin: http://127.0.0.1:5985/' -H 'Accept-Encoding: gzip, deflate, br' \
        -H 'Accept-Language: en-US,en;q=0.9' \
        -H 'Content-Type: application/json' \
        -H 'Accept: application/json, text/javascript, */*; q=0.01' \
        -H 'Referer: http://127.0.0.1:5985/' -H 'X-Requested-With: XMLHttpRequest' \
        -H 'Connection: keep-alive' \
        --data-binary '{"email":"faraday","password": "changeme"}' \
        --compressed -c cookie.txt 

csrf_token=$(curl -s -X GET http://127.0.0.1:5985/_api/session -b cookie.txt -c csrf_cookie.txt | python -c "import sys, json; print json.load(sys.stdin)['csrf_token']")
echo $csrf_token

echo ";currentUrl=%2Fstatus%2Fws%2Ftest1; currentComponent=status" >> cookie.txt
curl -i -v http://127.0.0.1:5985/_api/v3/ws/test1/upload_report \
        -H "Connection: keep-alive" \
        -H "Pragma: no-cache" \
        -H "Cache-Control: no-cache" \
        -H "Accept: application/json, text/plain, */*" \
        -H "Origin: http://127.0.0.1:5985/" \
        -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" \
        -H "Content-Type: multipart/form-data" \
        -H "Referer: http://127.0.0.1:5985/" \
        -H "Accept-Encoding: gzip, deflate, br" \
        -H "Accept-Language:  en-US,en;q=0.9,es;q=0.8" \
        --form "csrf_token=$csrf_token" \
        --form "file=@/PATH/TO/FILE" \
        -b csrf_cookie.txt