regscale-cli 6.27.2.0__py3-none-any.whl → 6.27.3.0__py3-none-any.whl

regscale/_version.py

@@ -33,7 +33,7 @@ def get_version_from_pyproject() -> str:
                     return match.group(1)
     except Exception:
         pass
-    return "6.27.2.0"  # fallback version
+    return "6.27.3.0"  # fallback version
 
 
 __version__ = get_version_from_pyproject()

regscale/core/app/application.py

@@ -88,6 +88,7 @@ class Application(metaclass=Singleton):
             "csamToken": DEFAULT_SECRET,
             "csamURL": "<myCSAMURLgoeshere>",
             "csamFilter": {},
+            "csamFrameworkCatalog": {},
             "dependabotId": "<myGithubUserIdGoesHere>",
             "dependabotOwner": "<myGithubRepoOwnerGoesHere>",
             "dependabotRepo": "<myGithubRepoNameGoesHere>",

regscale/core/app/internal/control_editor.py

@@ -32,8 +32,7 @@ from regscale.core.app.utils.app_utils import (
     get_user_names,
 )
 from regscale.models.app_models.click import regscale_id, regscale_module
-from regscale.models.regscale_models.control import Control
-from regscale.models.regscale_models.control_implementation import ControlImplementation
+from regscale.models.regscale_models import Control, ControlImplementation
 
 
 ALL_IMPS = "all_implementations.xlsx"
@@ -256,6 +255,76 @@ def check_and_format_cells(column: str, col: list[Any]) -> None:
             cell.protection = Protection(locked=False)  # Unprotect the cell
 
 
+def _extract_control_owner_display(item: dict) -> str:
+    """
+    Extract and format control owner display name from item data.
+
+    :param dict item: Item data containing controlOwner information
+    :return: Formatted control owner display string
+    :rtype: str
+    """
+    if not item.get("controlOwner") or item["controlOwner"] is None:
+        return "Unassigned"
+
+    control_owner = item["controlOwner"]
+    last_name = str(control_owner.get("lastName", "")).strip() if control_owner.get("lastName") else ""
+    first_name = str(control_owner.get("firstName", "")).strip() if control_owner.get("firstName") else ""
+    user_name = str(control_owner.get("userName", "")).strip() if control_owner.get("userName") else ""
+
+    if last_name or first_name or user_name:
+        return f"{last_name}, {first_name} ({user_name})"
+    return "Unassigned"
+
+
+def _extract_control_data(item: dict) -> tuple:
+    """
+    Extract control-related data from item.
+
+    :param dict item: Item data containing control information
+    :return: Tuple of (control_id, control_title, control_description, control_weight, catalogue_id)
+    :rtype: tuple
+    """
+    if not item.get("control") or item["control"] is None:
+        return "", "", "", 0, 0
+
+    control = item["control"]
+    return (
+        control.get("controlId", ""),
+        control.get("title", ""),
+        control.get("description", ""),
+        control.get("weight", 0),
+        control.get("catalogueID", 0),
+    )
+
+
+def _build_implementation_row(item: dict) -> list:
+    """
+    Build a single implementation row from item data.
+
+    :param dict item: Item data from GraphQL response
+    :return: List representing a row of implementation data
+    :rtype: list
+    """
+    control_owner_display = _extract_control_owner_display(item)
+    control_id, control_title, control_description, control_weight, catalogue_id = _extract_control_data(item)
+
+    return [
+        item.get("id", 0),
+        item.get("controlID", 0),
+        control_owner_display,
+        control_id,
+        control_title,
+        control_description,
+        item.get("status", ""),
+        item.get("policy", ""),
+        item.get("implementation", ""),
+        item.get("responsibility", ""),
+        item.get("inheritable", False),
+        control_weight,
+        catalogue_id,
+    ]
+
+
 def _fetch_implementations(api: "Api", parent_id: int, parent_module: str) -> "pd.DataFrame":
     """
     Function to fetch implementations from RegScale.
@@ -313,25 +382,8 @@ def _fetch_implementations(api: "Api", parent_id: int, parent_module: str) -> "p
     if existing_implementation_data["controlImplementations"]["totalCount"] <= 0:
         error_and_exit("No records exist for the given RegScale Id and RegScale Module.")
 
-    all_imps = [
-        [
-            item["id"],
-            item["controlID"],
-            f'{str(item["controlOwner"]["lastName"]).strip()}, {str(item["controlOwner"]["firstName"]).strip()} '
-            + f'({str(item["controlOwner"]["userName"]).strip()})',
-            item["control"]["controlId"],
-            item["control"]["title"],
-            item["control"]["description"],
-            item["status"],
-            item["policy"],
-            item["implementation"],
-            item["responsibility"],
-            item["inheritable"],
-            item["control"]["weight"],
-            item["control"]["catalogueID"],
-        ]
-        for item in existing_implementation_data.get("controlImplementations", {}).get("items", [])
-    ]
+    items = existing_implementation_data.get("controlImplementations", {}).get("items", [])
+    all_imps = [_build_implementation_row(item) for item in items]
 
     all_imps_df = pd.DataFrame(
         all_imps,

regscale/core/app/internal/login.py

@@ -31,6 +31,7 @@ def login(
     app: Optional["Application"] = None,
     token: Optional[str] = None,
     mfa_token: Optional[str] = "",
+    app_id: Optional[int] = 1,
 ) -> str:
     """
     Wrapper for Login to RegScale
@@ -41,6 +42,7 @@ def login(
     :param Optional[Application] app: Application object, defaults to None
     :param Optional[str] token: a valid JWT token to pass, defaults to None
     :param Optional[str] mfa_token: a valid MFA token to pass, defaults to ""
+    :param Optional[int] app_id: The app ID to login with
     :raises: ValueError if no domain value found in init.yaml
     :raises: TypeError if token or user id doesn't match expected data type
     :raises: SSLCertVerificationError if unable to validate SSL certificate
@@ -103,9 +105,10 @@ def login(
                 password=str_password,
                 domain=host,
                 mfa_token=mfa_token,
+                app_id=app_id,
             )
         else:
-            regscale_auth = RegScaleAuth.authenticate(Api(), mfa_token=mfa_token)
+            regscale_auth = RegScaleAuth.authenticate(Api(), mfa_token=mfa_token, app_id=app_id)
         if config and config["domain"] is None:
             raise ValueError("No domain set in the init.yaml configuration file.")
         if config and config["domain"] == "":

regscale/core/app/internal/model_editor.py

@@ -348,16 +348,22 @@ def upload_data(path: Path, obj_type: str) -> None:
     if os.path.isfile(os.path.join(path, all_workbook_filename)):
         if not os.path.isfile(os.path.join(path, old_workbook_filename)):
             return app.logger.error("Missing pre-change copy file, unable to determine if changes were made. Aborting!")
+
+        # Get the sheet name from the Excel file
+        workbook_path = os.path.join(path, all_workbook_filename)
+        with pd.ExcelFile(workbook_path) as xls:
+            sheet_name = xls.sheet_names[0] if xls.sheet_names else "Sheet1"
+
         df1 = pd.read_excel(os.path.join(path, old_workbook_filename), sheet_name=0, index_col="Id")
 
-        df2 = pd.read_excel(os.path.join(path, all_workbook_filename), sheet_name=0, index_col="Id")
+        df2 = pd.read_excel(workbook_path, sheet_name=0, index_col="Id")
 
         if df1.equals(df2):
             error_and_exit("No differences detected.")
 
-        app.logger.warning("Differences found!")
+        app.logger.info("Changes detected in workbook. Processing updates...")
         # Need to strip out any net new rows before doing this comparison
-        df3 = strip_any_net_new_rows(app, df2, all_workbook_filename, obj_type, path, new_workbook_filename)
+        df3 = strip_any_net_new_rows(app, df2, all_workbook_filename, obj_type, path, new_workbook_filename, sheet_name)
         try:
             changes = compare_dataframes(df1, df3)
         except ValueError:
@@ -483,7 +489,13 @@ def upload_new_data(app: Application, path: Path, obj_type: str, workbook_filena
 
 
 def strip_any_net_new_rows(
-    app: Application, df: "pd.DataFrame", workbook_filename: str, obj_type: str, path: Path, new_workbook_filename: str
+    app: Application,
+    df: "pd.DataFrame",
+    workbook_filename: str,
+    obj_type: str,
+    path: Path,
+    new_workbook_filename: str,
+    sheet_name: Optional[str] = None,
 ) -> "pd.DataFrame":
     """
     This method scans the loaded workbook for any new rows and strips them out to insert separately.
@@ -494,6 +506,7 @@ def strip_any_net_new_rows(
     :param str obj_type: The model type to load the records as
     :param Path path: The path where the Excel file can be found
     :param str new_workbook_filename: The file name of the Excel spreadsheet with new records.
+    :param Optional[str] sheet_name: The name of the worksheet being processed
     :return: pd.DataFrame The updated DataFrame, minus any new rows
     :rtype: pd.DataFrame
     """
@@ -502,14 +515,14 @@ def strip_any_net_new_rows(
     df_updates = []
     df_inserts = []
     indexes = []
-    columns = extract_columns_from_dataframe(df)
+    columns = list(df.columns)
     obj = get_obj(obj_type)
     for x in df.index:
         if math.isnan(x):
             data_rec = {}
             for y in columns:
                 data_rec[y] = df.at[x, y]
-            df_inserts.append(convert_new_record_to_model(data_rec, obj_type, path, workbook_filename))
+            df_inserts.append(convert_new_record_to_model(data_rec, obj_type, path, workbook_filename, sheet_name))
         else:
             indexes.append(x)
             data_rec = []
@@ -519,7 +532,8 @@ def strip_any_net_new_rows(
     new_df = pd.DataFrame(df_updates, index=indexes, columns=columns)
     if len(df_inserts) > 0:
         if obj.is_new_excel_record_allowed():
-            post_and_save_models(app, df_inserts, path, obj_type, new_workbook_filename)
+            # Use workbook_filename (the actual file containing the data) instead of new_workbook_filename
+            post_and_save_models(app, df_inserts, path, obj_type, workbook_filename)
         else:
             app.logger.warning(
                 "New rows have been found in the Excel spreadsheet being loaded. New records for this model are not allowed."
@@ -528,18 +542,9 @@ def strip_any_net_new_rows(
     return new_df
 
 
-def extract_columns_from_dataframe(df: "pd.DataFrame") -> list:
-    """
-    Builds a list of the columns in the dataframe.
-
-    :param pd.DataFrame df:
-    :return: list of column names
-    :rtype: list
-    """
-    return [y for y in df.columns]
-
-
-def convert_new_record_to_model(data_rec: dict, obj_type: str, path: Path, workbook_filename: str) -> object:
+def convert_new_record_to_model(
+    data_rec: dict, obj_type: str, path: Path, workbook_filename: str, sheet_name: Optional[str] = None
+) -> object:
     """
     This method takes the new record found in the Excel file of existing records, and converts it
     into a model object for inserting into the database.
@@ -548,6 +553,7 @@ def convert_new_record_to_model(data_rec: dict, obj_type: str, path: Path, workb
     :param str obj_type: The model type to load the records as
     :param Path path: The path where the Excel file can be found
     :param str workbook_filename: The file name of the Excel spreadsheet
+    :param Optional[str] sheet_name: The name of the worksheet being processed
     :return: object
     :rtype: object
     :raises ValueError:
@@ -571,9 +577,29 @@ def convert_new_record_to_model(data_rec: dict, obj_type: str, path: Path, workb
         elif cur_field.data_type == "str":
             if not isinstance(new_obj[cur_field.field_name], str):
                 new_obj[cur_field.field_name] = str(new_obj[cur_field.field_name])
+
+    parse_parent_data(new_obj, sheet_name)
+
     return cast_dict_as_model(new_obj, obj_type)
 
 
+def parse_parent_data(new_obj: dict, sheet_name: str) -> None:
+    """
+    Parse parentId and parentModule from worksheet name.
+
+    :param dict new_obj: The new object to parse the parent info for
+    :param str sheet_name: The worksheet name to parse
+    :rtype: None
+    """
+    # Parse parentId and parentModule from sheet name if available
+    if sheet_name:
+        parent_id, parent_module = parse_parent_info_from_sheet_name(sheet_name)
+        if parent_id is not None:
+            new_obj["parentId"] = parent_id
+        if parent_module is not None:
+            new_obj["parentModule"] = parent_module
+
+
 def generate_default_value_for_field(field_name: str, data_type: str) -> Any:
     """
     Generate a default value for a required field.
@@ -597,10 +623,47 @@ def generate_default_value_for_field(field_name: str, data_type: str) -> Any:
         return 0.0
 
 
+def parse_parent_info_from_sheet_name(sheet_name: str) -> tuple[Optional[int], Optional[str]]:
+    """
+    Parse parentId and parentModule from worksheet name.
+
+    Expected format: Issue(46_securityplans
+    Where:
+    - Issue( is the model prefix
+    - 46 is the parentId
+    - securityplans is the parentModule
+
+    :param str sheet_name: The worksheet name to parse
+    :return: Tuple of (parentId, parentModule), or (None, None) if pattern doesn't match
+    :rtype: tuple[Optional[int], Optional[str]]
+    """
+    if not sheet_name or "(" not in sheet_name or "_" not in sheet_name:
+        return None, None
+
+    try:
+        # Find the opening parenthesis
+        paren_index = sheet_name.index("(")
+        # Get the part after the parenthesis
+        after_paren = sheet_name[paren_index + 1 :]
+
+        # Split by underscore
+        if "_" in after_paren:
+            parts = after_paren.split("_", 1)  # Split on first underscore only
+            parent_id = int(parts[0])
+            parent_module = parts[1]
+            return parent_id, parent_module
+    except (ValueError, IndexError):
+        # If parsing fails, return None values
+        pass
+
+    return None, None
+
+
 # pylint: disable=E1136,R0914
 def upload_existing_data(app: Application, api: Api, path: Path, obj_type: str, workbook_filename: str) -> None:
     """
-    This method reads in the spreadsheet filled with existing records to update in RegScale.
+    This method reads in the spreadsheet filled with existing records to update in RegScale
+    using the RegScaleModel save() and bulk_save() methods.
 
     :param Application app: The Application instance
     :param Api api: The instance api handler
@@ -630,48 +693,100 @@ def upload_existing_data(app: Application, api: Api, path: Path, obj_type: str,
     logger.debug(changes)
     id_df = pd.DataFrame(ids, index=None, columns=["Id"])
     id_df2 = id_df.drop_duplicates()
+    logger.info(f"Found {len(id_df2)} unique {obj_type} ID(s) with changes: {id_df2['Id'].tolist()}")
+
     updated_files = os.path.join(path, workbook_filename)
     df3 = pd.read_excel(updated_files, sheet_name=0, index_col=None)
+    logger.debug(f"Read {len(df3)} total rows from Excel file")
+
     updated = df3[df3["Id"].isin(id_df2["Id"])]
+    logger.info(f"Filtered to {len(updated)} {obj_type}(s) matching changed IDs")
+
+    if len(updated) == 0:
+        logger.error(
+            f"No {obj_type}s found in Excel file matching the IDs in differences.txt. "
+            f"Expected IDs: {id_df2['Id'].tolist()}. "
+            f"This usually means the Excel file doesn't contain these records."
+        )
+        return
+
     updated = map_workbook_to_dict(updated_files, updated)
+    logger.debug(f"Converted to dictionary with {len(updated)} entries")
     config = app.config
-    load_objs = load_model_for_id(api, updated, config["domain"] + obj.get_endpoint("get"))
-    load_data = []
+
+    # Load existing model instances from API
+    load_objs = load_model_for_id(api, updated, config["domain"] + obj.get_endpoint("get"), obj_type)
+
+    # Apply changes to model instances and queue for bulk update
+    modified_objects = []
     for cur_obj in load_objs:
-        cur_obj_dict = find_and_apply_changes(cur_obj, changes, updated)
-        load_data.append(cur_obj_dict)
-    api.update_server(
-        url=config["domain"] + obj.get_endpoint("insert"),
-        json_list=load_data,
-        message="Working on uploading updated " + obj_type + " to RegScale.",
-        config=config,
-        method="put",
-    )
+        # Apply Excel changes to the model instance
+        modified_obj = find_and_apply_changes(cur_obj, changes, updated)
+
+        # Ignore change tracking to ensure all updates are saved
+        modified_obj._ignore_has_changed = True
+        # Queue the instance for bulk update
+        modified_obj.save(bulk=True)
+        modified_objects.append(modified_obj)
+
+    # Execute bulk update using the model class
+    if modified_objects:
+        app.logger.info("Executing bulk update for %i %s(s)...", len(modified_objects), obj_type)
+        model_class = type(modified_objects[0])
+        results = model_class.bulk_save()
+
+        updated_count = len(results.get("updated", []))
+        created_count = len(results.get("created", []))
+
+        app.logger.info(
+            "Bulk operation completed: Updated %i %s(s), Created %i %s(s)",
+            updated_count,
+            obj_type,
+            created_count,
+            obj_type,
+        )
 
 
 # pylint: enable=E1136,R0914
 
 
-def find_and_apply_changes(cur_object: dict, changes: list, updates: dict) -> dict:
+def find_and_apply_changes(cur_object: object, changes: list, updates: dict) -> object:
     """
     This method looks through the changes and applies those that should be applied to
-    the current object.
+    the current model instance.
 
-    :param dict cur_object: the current object being updated
+    :param object cur_object: the current model instance being updated
     :param list changes: a list of the specific changes to apply
     :param dict updates: a dictionary of updated models to be applied to the current object(s)
-    :return: dict the updated object
-    :rtype: dict
+    :return: object the updated model instance
+    :rtype: object
     """
     for cur_change in changes:
-        if cur_change["id"] == cur_object["id"]:
+        if cur_change["id"] == cur_object.id:
             field_def = get_field_def_for_column(cur_change["column"])
-            if len(field_def.lookup_field) > 0:
-                cur_object[field_def.field_name] = check_empty_nan(
-                    extract_update_for_column(field_def.field_name, cur_change["id"], updates)
+            if field_def is None:
+                logger.warning(
+                    f"Column '{cur_change['column']}' not found in model fields for {type(cur_object).__name__} "
+                    f"ID {cur_object.id}. Change will be skipped."
                 )
+                continue
+            if len(field_def.lookup_field) > 0:
+                value = check_empty_nan(extract_update_for_column(field_def.field_name, cur_change["id"], updates))
+                setattr(cur_object, field_def.field_name, value)
             else:
-                cur_object[get_field_name_for_column(cur_change["column"])] = check_empty_nan(cur_change["value"])
+                field_name = get_field_name_for_column(cur_change["column"])
+                if not field_name:
+                    logger.warning(
+                        f"Could not find field name for column '{cur_change['column']}' in {type(cur_object).__name__} "
+                        f"ID {cur_object.id}. Change will be skipped."
+                    )
+                    continue
+                value = check_empty_nan(cur_change["value"])
+                logger.debug(
+                    f"Applying change to {type(cur_object).__name__} ID {cur_object.id}: "
+                    f"{field_name} = {value} (was: {getattr(cur_object, field_name, 'N/A')})"
+                )
+                setattr(cur_object, field_name, value)
     return cur_object
 
 
@@ -732,7 +847,8 @@ def post_and_save_models(
     load_file_name: str,
 ) -> None:
     """
-    Function to post new records to RegScale and save record ids to excel workbook
+    Function to post new records to RegScale and save record ids to excel workbook.
+    Uses the RegScaleModel .create() method for new objects.
 
     :param Application app: RegScale CLI Application object
     :param list new_models: List of new records to post to RegScale
@@ -745,28 +861,42 @@ def post_and_save_models(
     import pandas as pd  # Optimize import performance
 
     try:
+        # Create new objects using .create() method
         new_objs = []
         for cur_obj in new_models:
+            # Use .create() for new objects (id=0 or None)
+            cur_obj._ignore_has_changed = True
             new_obj = cur_obj.create()
             cur_obj.create_new_connecting_model(new_obj)
             new_objs.append(cur_obj)
-        new_objs_df = pd.DataFrame([obj.id for obj in new_objs], columns=["id_number"])
-        for file_name in [load_file_name]:
-            with pd.ExcelWriter(
-                os.path.join(workbook_path, file_name),
-                mode="a",
-                engine="openpyxl",
-                if_sheet_exists="overlay",
-            ) as writer:
-                new_objs_df.to_excel(
-                    writer,
-                    sheet_name=obj_type + "_Ids",
-                    index=False,
-                )
-        app.logger.info(
-            "%i total " + obj_type + "(s) were added to RegScale.",
-            len(new_objs),
-        )
+
+        # Save IDs and all other fields to Excel
+        if new_objs:
+            # Create a list of dicts with all field values from created objects
+            obj_data = []
+            for obj in new_objs:
+                obj_dict = {"id_number": obj.id}
+                # Add all fields from obj_fields to ensure we capture API-populated fields
+                for field in obj_fields:
+                    field_value = getattr(obj, field.field_name, None)
+                    if field_value is not None:
+                        obj_dict[field.field_name] = field_value
+                obj_data.append(obj_dict)
+
+            new_objs_df = pd.DataFrame(obj_data)
+            for file_name in [load_file_name]:
+                with pd.ExcelWriter(
+                    os.path.join(workbook_path, file_name),
+                    mode="a",
+                    engine="openpyxl",
+                    if_sheet_exists="overlay",
+                ) as writer:
+                    new_objs_df.to_excel(
+                        writer,
+                        sheet_name=obj_type + "_Ids",
+                        index=False,
+                    )
+            app.logger.info("%i total %s(s) were added to RegScale.", len(new_objs), obj_type)
     except Exception as e:
         app.logger.error(e)
 
@@ -793,26 +923,49 @@ def map_pandas_timestamp(date_time: "pd.Timestamp") -> Optional[str]:
     return date_time or None
 
 
-def load_model_for_id(api: Api, wb_data: dict, url: str) -> list:
+def load_model_for_id(api: Api, wb_data: dict, url: str, obj_type: str) -> list:
     """
-    This method loads the current record for the updated objects.
+    This method loads the current record for the updated objects and returns model instances.
 
     :param Api api: the API object instance to use
     :param dict wb_data: The submitted workbook data in a dict
     :param str url: the base url to use to retrieve the model data
-    :return: list of instances of the specified model, populated with the dict
+    :param str obj_type: The model type to cast the data to
+    :return: list of model instances of the specified type
     :rtype: list
     """
     load_data = []
+    failed_loads = []
+
+    logger.info(f"Loading {len(wb_data)} {obj_type}(s) from API for update...")
+
     for cur_obj in wb_data:
         obj = wb_data[cur_obj]
         cur_id = int(obj["Id"])
         if cur_id > 0:
             url_to_use = url.replace("{id}", str(cur_id))
             url_to_use = check_url_for_double_slash(url_to_use)
+            logger.debug(f"Fetching {obj_type} ID {cur_id} from {url_to_use}")
             result = api.get(url_to_use)
             if result.status_code == 200:
-                load_data.append(result.json())
+                dict_data = result.json()
+                model_instance = cast_dict_as_model(dict_data, obj_type)
+                load_data.append(model_instance)
+                logger.debug(f"Successfully loaded {obj_type} ID {cur_id}")
+            else:
+                failed_loads.append((cur_id, result.status_code))
+                logger.warning(
+                    f"Failed to load {obj_type} ID {cur_id} from API. Status code: {result.status_code}. "
+                    f"This record will not be updated."
+                )
+
+    if failed_loads:
+        logger.warning(
+            f"Failed to load {len(failed_loads)} {obj_type}(s) from API: "
+            f"{', '.join([f'ID {id} (HTTP {code})' for id, code in failed_loads])}"
+        )
+
+    logger.info(f"Successfully loaded {len(load_data)} {obj_type}(s) from API for update.")
     return load_data
 
 
@@ -945,7 +1098,9 @@ def map_workbook_to_lookups(file_path: str, workbook_data: Optional["pd.DataFram
     else:
         wb_data = pd.read_excel(file_path)
 
-    wb_data = wb_data.dropna()
+    # Only drop rows where ALL values are NaN (completely empty rows)
+    # Don't drop rows with some NaN values - those are legitimate records with optional empty fields
+    wb_data = wb_data.dropna(how="all")
     for cur_row in obj_fields:
         if len(cur_row.lookup_field) > 0 and cur_row.lookup_field != "module":
             if cur_row.column_name in wb_data.columns:

regscale/core/login.py

@@ -6,6 +6,7 @@ from os import getenv
 from typing import Optional, Tuple
 from urllib.parse import urljoin
 
+from requests.exceptions import HTTPError
 from regscale.core.app.api import Api
 from regscale.core.app.utils.app_utils import error_and_exit
 
@@ -14,10 +15,11 @@ logger = logging.getLogger("regscale")
 
 def get_regscale_token(
     api: Api,
-    username: str = getenv("REGSCALE_USER"),
-    password: str = getenv("REGSCALE_PASSWORD"),
-    domain: str = getenv("REGSCALE_DOMAIN"),
+    username: Optional[str] = getenv("REGSCALE_USER"),
+    password: Optional[str] = getenv("REGSCALE_PASSWORD"),
+    domain: Optional[str] = getenv("REGSCALE_DOMAIN"),
     mfa_token: Optional[str] = "",
+    app_id: Optional[int] = 1,
 ) -> Tuple[str, str]:
     """
     Authenticate with RegScale and return a token
@@ -27,6 +29,7 @@ def get_regscale_token(
     :param str password: a string defaulting to the envar REGSCALE_PASSWORD
     :param str domain: a string representing the RegScale domain, checks environment REGSCALE_DOMAIN
     :param Optional[str] mfa_token: MFA token to login with
+    :param Optional[int] app_id: The app ID to login with
     :raises EnvironmentError: if domain is not passed or retrieved
     :return: a tuple of user_id and auth_token
     :rtype: Tuple[str, str]
@@ -47,7 +50,19 @@ def get_regscale_token(
     logger.info("Logging into: %s", domain)
     # suggest structuring the login paths so that they all exist in one place
     url = urljoin(domain, "/api/authentication/login")
-    response = api.post(url=url, json=auth, headers={})
+    try:
+        # Try to authenticate with the new API version
+        auth["appId"] = app_id
+        response = api.post(url=url, json=auth, headers={"X-Api-Version": "2.0"})
+        if response is None:
+            raise HTTPError("No response received from api.post(). Possible connection issue or internal error.")
+        response.raise_for_status()
+        app_id_compatible = True
+    except HTTPError:
+        # Fallback to the old API version
+        del auth["appId"]
+        response = api.post(url=url, json=auth, headers={})
+        app_id_compatible = False
     error_msg = "Unable to authenticate with RegScale. Please check your credentials."
     if response is None:
         logger.error("No response received from api.post(). Possible connection issue or internal error.")
@@ -63,4 +78,6 @@ def get_regscale_token(
         error_and_exit(f"{error_msg}\n{response.status_code}: {response.text}")
     if isinstance(response_dict, str):
         response_dict = json.loads(response_dict)
+    if app_id_compatible:
+        return response_dict["accessToken"]["id"], response_dict["accessToken"]["authToken"]
     return response_dict["id"], response_dict["auth_token"]