Smartsheet

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
api.smartsheet.com/2.0 URL critical
Programmatic access to the Smartsheet application. [API documentation found here.](https://smartsheet-platform.github.io/api-docs/) [How to generate API token](https://smartsheet-platform.github.io/api-docs/#authentication-and-access-tokens)
app.smartsheet.com URL critical
Web interface for the Smartsheet platform. [Sign up for a non-expiring developer account using your wearehackerone.com email.](https://developers.smartsheet.com/register/) Additional accounts can be created using yourusername+whatever@wearehackerone.com Only test using @wearehackerone.com accounts [Sign into the application.](https://app.smartsheet.com/b/home) [Checkout platform features.](https://help.smartsheet.com/topics/sheet-basics) Be the first to hack our new features, by reading the [Release Notes.](https://www.smartsheet.com/release-notes)

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity