# Mend API

Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:
+ Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
+ Improved security with a JWT token per organization, which expires every 30 minutes.
+ Added scalability with support for cursor pagination and limiting results size.
+ Broader functionality available programmatically.
+ New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Version: 3.0

## Servers

Generated server url
```
https://baseUrl
```

## Security

### bearer-key

JWT token Bearer

Type: http
Scheme: bearer
Bearer Format: JWT

## Download OpenAPI description

[Mend API](https://api-docs.mend.io/_spec/platform/3.0.yaml)

## Access Management

### Logout (revokes the refresh token)

 - [POST /api/v3.0/logout](https://api-docs.mend.io/platform/3.0/access-management/logout.md)

### Generate / Refresh Access Token

 - [POST /api/v3.0/login/accessToken](https://api-docs.mend.io/platform/3.0/access-management/refreshaccesstoken.md): Generates a new access token from a refresh token

### Login

 - [POST /api/v3.0/login](https://api-docs.mend.io/platform/3.0/access-management/login.md): Sign in a user with email and user key, returning a JWT token which is valid for 30 minutes.
If you omit the organization, it defaults to the last one you signed in to. 

## Administration - Groups

### Get Group Roles

 - [GET /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}/roles](https://api-docs.mend.io/platform/3.0/administration-groups/getgrouproles.md): Returns the list of roles associated with a given group

### Remove Group Roles

 - [PUT /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}/roles](https://api-docs.mend.io/platform/3.0/administration-groups/removegrouproles.md): Deletes a role from a group

### Add Group Roles

 - [POST /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}/roles](https://api-docs.mend.io/platform/3.0/administration-groups/addgrouproles.md): Creates a new group role for an organization

### Get Group

 - [GET /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}](https://api-docs.mend.io/platform/3.0/administration-groups/getgroup.md): Returns the given group of an organization

### Update Group

 - [PUT /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}](https://api-docs.mend.io/platform/3.0/administration-groups/updategroup.md): Updates the properties of a given group

### Delete Group

 - [DELETE /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}](https://api-docs.mend.io/platform/3.0/administration-groups/deletegroup.md): Deletes the given group

### Get Group Users

 - [GET /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}/users](https://api-docs.mend.io/platform/3.0/administration-groups/getgroupusers.md): Returns a list of users that belong to given group

### Add User to Group

 - [POST /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}/users](https://api-docs.mend.io/platform/3.0/administration-groups/adduserstogroup.md): Adds a user to an organization's group

### Get All Organization Groups

 - [GET /api/v3.0/orgs/{orgUuid}/groups](https://api-docs.mend.io/platform/3.0/administration-groups/getallorganizationgroups.md): Returns a list of all groups within an organization

### Create Group

 - [POST /api/v3.0/orgs/{orgUuid}/groups](https://api-docs.mend.io/platform/3.0/administration-groups/creategroup.md): Creates a new group for an organization

### Remove User From Group

 - [DELETE /api/v3.0/orgs/{orgUuid}/groups/{groupUuid}/users/{userUuid}](https://api-docs.mend.io/platform/3.0/administration-groups/deleteuserfromgroup.md): Deletes a user from an organization's group

## Administration - Users

### Invite User

 - [POST /api/v3.0/orgs/{orgUuid}/users/invite](https://api-docs.mend.io/platform/3.0/administration-users/inviteuser.md): Sends an email invitation to others to join an organization

### Get Organization Users

 - [GET /api/v3.0/orgs/{orgUuid}/users](https://api-docs.mend.io/platform/3.0/administration-users/getuserspaginated.md): Returns a list of all users in an organization (paginated)

### Remove User From Organization

 - [DELETE /api/v3.0/orgs/{orgUuid}/users/{userUuid}](https://api-docs.mend.io/platform/3.0/administration-users/removeuser.md): Deletes a user from an organization

## Administration - Labels

### Rename Label

 - [PUT /api/v3.0/orgs/{orgUuid}/labels/{labelUuid}](https://api-docs.mend.io/platform/3.0/administration-labels/renamelabel.md): Renames an existing label

### Remove Label Definition

 - [DELETE /api/v3.0/orgs/{orgUuid}/labels/{labelUuid}](https://api-docs.mend.io/platform/3.0/administration-labels/deletelabel.md): Removes a label definition

### Get All Organization Labels

 - [GET /api/v3.0/orgs/{orgUuid}/labels](https://api-docs.mend.io/platform/3.0/administration-labels/getlabels.md): Returns a list of all labels in an organization (paginated)

### Add Label Definition

 - [POST /api/v3.0/orgs/{orgUuid}/labels](https://api-docs.mend.io/platform/3.0/administration-labels/createlabel.md): Adds a new label definition

## Reports

### Export Images Project Due Diligence report asynchronously (Containers)

 - [POST /api/v3.0/projects/{projectUuid}/images/reports/dueDiligence](https://api-docs.mend.io/platform/3.0/reports/exportimgfindingsreport.md)

### Export Images Project Attribution report asynchronously (Containers)

 - [POST /api/v3.0/projects/{projectUuid}/images/reports/attribution](https://api-docs.mend.io/platform/3.0/reports/exportimgattributionreport.md)

### Export Images Project SBOM report asynchronously (Containers)

 - [POST /api/v3.0/projects/{projectUuid}/images/reports/SBOM](https://api-docs.mend.io/platform/3.0/reports/exportimgsbomreport.md)

### Export Code Project Suppressions report asynchronously (SAST)

 - [POST /api/v3.0/projects/{projectUuid}/code/reports/suppressions](https://api-docs.mend.io/platform/3.0/reports/exportcodesuppressionsreport.md)

### Export Code Project Findings report asynchronously (SAST)

 - [POST /api/v3.0/projects/{projectUuid}/code/reports/findings](https://api-docs.mend.io/platform/3.0/reports/exportcodefindingsreport.md)

### Export Code Project Compliance report asynchronously (SAST)

 - [POST /api/v3.0/projects/{projectUuid}/code/reports/compliance](https://api-docs.mend.io/platform/3.0/reports/exportcodecompliancereport.md)

### Export Images Organization Due Diligence report asynchronously (Containers)

 - [POST /api/v3.0/orgs/{orgUuid}/images/reports/dueDiligence](https://api-docs.mend.io/platform/3.0/reports/exportimgfindingsreport_1.md)

### Export Images Organization Attribution report asynchronously (Containers)

 - [POST /api/v3.0/orgs/{orgUuid}/images/reports/attribution](https://api-docs.mend.io/platform/3.0/reports/exportimgattributionreport_1.md)

### Export Images Organization SBOM report asynchronously (Containers)

 - [POST /api/v3.0/orgs/{orgUuid}/images/reports/SBOM](https://api-docs.mend.io/platform/3.0/reports/exportimgsbomreport_1.md)

### Export Code Organization Compliance report asynchronously (SAST)

 - [POST /api/v3.0/orgs/{orgUuid}/code/reports/compliance](https://api-docs.mend.io/platform/3.0/reports/exportsastanalyticsreport.md)

### Export Images Application Due Diligence report asynchronously (Containers)

 - [POST /api/v3.0/applications/{applicationUuid}/images/reports/dueDiligence](https://api-docs.mend.io/platform/3.0/reports/exportimgfindingsreport_2.md)

### Export Images Application Attribution report asynchronously (Containers)

 - [POST /api/v3.0/applications/{applicationUuid}/images/reports/attribution](https://api-docs.mend.io/platform/3.0/reports/exportimgattributionreport_2.md)

### Export Images Application SBOM report asynchronously (Containers)

 - [POST /api/v3.0/applications/{applicationUuid}/images/reports/SBOM](https://api-docs.mend.io/platform/3.0/reports/exportimgsbomreport_2.md)

### Export Code Application Suppressions report asynchronously (SAST)

 - [POST /api/v3.0/applications/{applicationUuid}/code/reports/suppressions](https://api-docs.mend.io/platform/3.0/reports/exportcodesuppressionsreport_1.md)

### Export Code Application Findings report asynchronously (SAST)

 - [POST /api/v3.0/applications/{applicationUuid}/code/reports/findings](https://api-docs.mend.io/platform/3.0/reports/exportcodefindingsreport_1.md)

### Export Code Application Compliance report asynchronously (SAST)

 - [POST /api/v3.0/applications/{applicationUuid}/code/reports/compliance](https://api-docs.mend.io/platform/3.0/reports/exportcodecompliancereport_1.md)

### Get Report Status

 - [GET /api/v3.0/orgs/{orgUuid}/reports/{reportUuid}](https://api-docs.mend.io/platform/3.0/reports/getreportstatus.md)

### Delete Report

 - [DELETE /api/v3.0/orgs/{orgUuid}/reports/{reportUuid}](https://api-docs.mend.io/platform/3.0/reports/deletereport.md)

### Download Report

 - [GET /api/v3.0/orgs/{orgUuid}/reports/download/{reportUuid}](https://api-docs.mend.io/platform/3.0/reports/downloadreport.md)

### Get Reports

 - [GET /api/v3.0/orgs/{orgUuid}/reports](https://api-docs.mend.io/platform/3.0/reports/getreportstatusesmulticontext.md)

### Export project Due Diligence report asynchronously (Dependencies - SCA)

 - [POST /api/v3.0/projects/{projectUuid}/dependencies/reports/dueDiligence](https://api-docs.mend.io/platform/3.0/reports/exportprojectduediligencereport.md)

### Export project SBOM report asynchronously (Dependencies - SCA)

 - [POST /api/v3.0/projects/{projectUuid}/dependencies/reports/SBOM](https://api-docs.mend.io/platform/3.0/reports/exportsbomreport.md)

### Export application Due Diligence report asynchronously (Dependencies - SCA)

 - [POST /api/v3.0/applications/{applicationIdentifier}/dependencies/reports/dueDiligence](https://api-docs.mend.io/platform/3.0/reports/exportproductduediligencereport.md)

### Export application SBOM report asynchronously (Dependencies - SCA)

 - [POST /api/v3.0/applications/{applicationIdentifier}/dependencies/reports/SBOM](https://api-docs.mend.io/platform/3.0/reports/exportsbomreport_1.md)

## Scans

### Get Scan Tags

 - [GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}/tags](https://api-docs.mend.io/platform/3.0/scans/gettags.md)

### Add Scan Tag

 - [PUT /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}/tags](https://api-docs.mend.io/platform/3.0/scans/addtagoverride.md)

### Add Scan Tag

 - [POST /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}/tags](https://api-docs.mend.io/platform/3.0/scans/addtag.md)

### Get Scan

 - [GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}](https://api-docs.mend.io/platform/3.0/scans/getscan.md)

### Update Scan

 - [PUT /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}](https://api-docs.mend.io/platform/3.0/scans/updatescan.md)

### Get Scan Summary

 - [GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}/summary](https://api-docs.mend.io/platform/3.0/scans/getsummary.md)

### Get Project Scans

 - [GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans](https://api-docs.mend.io/platform/3.0/scans/getscansummaries.md): Returns the project related scans

## Projects

### Update Multiple Violation SLA

 - [PUT /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/violations/sla](https://api-docs.mend.io/platform/3.0/projects/updatemultipleprojectviolationsla.md): Updates the SLA of Multiple Project Violating Findings

### Get Project Labels

 - [GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/labels](https://api-docs.mend.io/platform/3.0/projects/getprojectlabels.md): Get project labels. A label can be a string or namespace:value pair that provide additional metadata to assist with project management.

### Add Project Label

 - [PUT /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/labels](https://api-docs.mend.io/platform/3.0/projects/addprojectlabel.md): Adds a new label to a project. A label can be a string or namespace:value pair that provide additional metadata to assist with project management.

### Get Project Statistics

 - [POST /api/v3.0/orgs/{orgUuid}/projects/summaries](https://api-docs.mend.io/platform/3.0/projects/getprojectsummaries.md): Returns the requested statistics for the given projects that match at least one of the given identifiers.

### Get Project Violating Findings

 - [GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/violations](https://api-docs.mend.io/platform/3.0/projects/getprojectviolations.md): Returns the violations relates to project

### Get Project totals

 - [GET /api/v3.0/orgs/{orgUuid}/projects/summaries/totals](https://api-docs.mend.io/platform/3.0/projects/getprojecttotals.md): Returns the requested statistics for the given projects that match at least one of the given identifiers.

### Get Project totals grouped by date

 - [GET /api/v3.0/orgs/{orgUuid}/projects/summaries/total/date](https://api-docs.mend.io/platform/3.0/projects/getprojectsummariestotalsbydate.md): Returns the requested statistics for the given projects that match at least one of the given identifiers.

### Get Organization Projects

 - [GET /api/v3.0/orgs/{orgUuid}/projects](https://api-docs.mend.io/platform/3.0/projects/getorganizationprojects.md): Returns a list of all projects accessible to the current user

### Remove Project Label

 - [DELETE /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/labels/{labelUuid}](https://api-docs.mend.io/platform/3.0/projects/removeprojectlabel.md): Removes a label from a project

### Get Project vulnerabilities traces (Dependencies - SCA)

 - [GET /api/v3.0/projects/{projectUuid}/dependencies/effective](https://api-docs.mend.io/platform/3.0/projects/getlibraries_1.md): Returns the traces of a given project. Note that this feature requires that Mend Prioritize be enabled in your Mend account.

## Applications

### Update Multiple Violation SLA

 - [PUT /api/v3.0/orgs/{orgUuid}/applications/{applicationUuid}/violations/sla](https://api-docs.mend.io/platform/3.0/applications/updatemultipleprojectviolationsla_1.md): Updates the SLA of Multiple Application Violating Findings

### Get Application Labels

 - [GET /api/v3.0/orgs/{orgUuid}/applications/{applicationUuid}/labels](https://api-docs.mend.io/platform/3.0/applications/getproductlabels.md): Get application labels. A label can be a string or namespace:value pair that provide additional metadata to assist with project management.

### Add Application Label

 - [PUT /api/v3.0/orgs/{orgUuid}/applications/{applicationUuid}/labels](https://api-docs.mend.io/platform/3.0/applications/addapplicationlabel.md): Adds a new label to a application. A label can be a string or namespace:value pair that provide additional metadata to assist with project management.

### Get Application Statistics

 - [POST /api/v3.0/orgs/{orgUuid}/applications/summaries](https://api-docs.mend.io/platform/3.0/applications/getapplicationsummaries.md): Returns the requested statistics for the given applications

### Get Application Scans

 - [GET /api/v3.0/orgs/{orgUuid}/applications/{applicationUuid}/scans](https://api-docs.mend.io/platform/3.0/applications/getscansummaries_1.md): Returns the application related scans

### Get Application totals

 - [GET /api/v3.0/orgs/{orgUuid}/applications/summaries/totals](https://api-docs.mend.io/platform/3.0/applications/getapplicationstotals.md): Returns the requested statistics for the given applications

### Get Organization Applications

 - [GET /api/v3.0/orgs/{orgUuid}/applications](https://api-docs.mend.io/platform/3.0/applications/getorganizationapplications.md): Returns a list of all applications accessible to the current user

### Remove Application Label

 - [DELETE /api/v3.0/orgs/{orgUuid}/applications/{applicationUuid}/labels/{labelUuid}](https://api-docs.mend.io/platform/3.0/applications/removeproductlabel.md): Removes a label from an application

## Findings - Project

### Update Root LibrarySecurity Finding (Dependencies - SCA)

 - [PUT /api/v3.0/projects/{projectUuid}/dependencies/findings/security/rootLibrary/{rootLibraryUuid}](https://api-docs.mend.io/platform/3.0/findings-project/updaterootlibrarysecurityfinding.md): Changes a given security finding's status and comments

### Get Project Security Findings (Dependencies - SCA)

 - [GET /api/v3.0/projects/{projectUuid}/dependencies/findings/security](https://api-docs.mend.io/platform/3.0/findings-project/getsecurityvulnerabilityfindings.md): Returns all security findings for a given project

### Update Security Finding (Dependencies - SCA)

 - [PUT /api/v3.0/projects/{projectUuid}/dependencies/findings/security](https://api-docs.mend.io/platform/3.0/findings-project/updatesecurityalert.md): Changes a given security finding's status and comments

### Get Project Due Diligence Info (Dependencies - SCA)

 - [GET /api/v3.0/projects/{projectUuid}/dependencies/libraries/licenses](https://api-docs.mend.io/platform/3.0/findings-project/getduediligenceinfobymultiplecontexts.md): Returns a due diligence report listing the source and license information for all libraries in a project

### Get In-House Libraries (Dependencies - SCA)

 - [GET /api/v3.0/projects/{projectUuid}/dependencies/libraries/inHouse](https://api-docs.mend.io/platform/3.0/findings-project/getproprietarylibraries.md): Returns all libraries in a given project that have been designated as "In-House". They will not trigger any alerts or be included in license analysis.

### Get Project Libraries (Dependencies - SCA)

 - [GET /api/v3.0/projects/{projectUuid}/dependencies/libraries](https://api-docs.mend.io/platform/3.0/findings-project/getlibraries.md): Returns the set of libraries used by a particular project

### Get Root Libraries Security Finding (Dependencies - SCA)

 - [GET /api/v3.0/projects/{projectUuid}/dependencies/findings/security/groupBy/rootLibrary](https://api-docs.mend.io/platform/3.0/findings-project/getrootlibrarysecurityvulnerabilityfindings.md): Get root libraries security findings for a given project

### Get a list of project findings (SAST)

 - [GET /api/v3.0/projects/{projectUuid}/code/findings](https://api-docs.mend.io/platform/3.0/findings-project/listprojectfindingsv3.0.md): Get a list of findings for a specified project UUID.

This endpoint supports paging using cursor and limit parameters described in Parameters section below.

### Bulk update of project findings state (review and/or suppression) or severity (SAST)

 - [PATCH /api/v3.0/projects/{projectUuid}/code/findings](https://api-docs.mend.io/platform/3.0/findings-project/bulkpatchprojectfindingv3.0.md): Bulk update of project findings state (review and/or suppression) or severity

### Update a project finding state (review and/or suppression) or severity (SAST)

 - [PATCH /api/v3.0/projects/{projectUuid}/code/findings/{findingSnapshotId}](https://api-docs.mend.io/platform/3.0/findings-project/patchprojectfindingv3.0.md): Update a project finding state (review and/or suppression) or severity

### Get a project finding (SAST)

 - [GET /api/v3.0/projects/{projectUuid}/code/findings/{findingUuid}](https://api-docs.mend.io/platform/3.0/findings-project/getprojectfindingv3.0.md): Get a project finding for a specified project and finding UUID.


### Update multiple findings status (Containers)

 - [POST /api/v3.0/projects/{projectuuid}/images/findings](https://api-docs.mend.io/platform/3.0/findings-project/updateimgbulkstatus.md): Update the status of multiple findings in bulk (e.g. suppress, review)

### Update package status (Containers)

 - [PUT /api/v3.0/projects/{projectuuid}/images/findings/packages/{packageuuid}](https://api-docs.mend.io/platform/3.0/findings-project/updateimgpackagestatus.md): Update the status of a package (e.g. suppress, review)

### List latest image scan secrets findings (Containers)

 - [GET /api/v3.0/projects/{projectuuid}/images/findings/secrets](https://api-docs.mend.io/platform/3.0/findings-project/listlatestimgscansecretsfindings.md): List the latest image scan secrets findings

### List latest image scan security findings (Containers)

 - [GET /api/v3.0/projects/{projectuuid}/images/findings/security](https://api-docs.mend.io/platform/3.0/findings-project/listlatestimgscansecurityfindings.md): List the latest image scan security findings

### Update finding status (Containers)

 - [PUT /api/v3.0/projects/{projectuuid}/images/findings/security/{findingid}](https://api-docs.mend.io/platform/3.0/findings-project/updateimgfindingstatus.md): Update the status of a finding (e.g. suppress, review)

### List latest image scan packages (Containers)

 - [GET /api/v3.0/projects/{projectuuid}/images/packages](https://api-docs.mend.io/platform/3.0/findings-project/listlatestimgscanpackages.md): List the latest image scan packages

### Get project AI technologies (AI)

 - [GET /api/v3.0/projects/{projectUuid}/ai/findings/technologies](https://api-docs.mend.io/platform/3.0/findings-project/paths/~1api~1v3.0~1projects~1%7Bprojectuuid%7D~1ai~1findings~1technologies/get.md): Returns a list of AI technologies used in a specific project

### Get project AI models (AI)

 - [GET /api/v3.0/projects/{projectUuid}/ai/findings/models](https://api-docs.mend.io/platform/3.0/findings-project/paths/~1api~1v3.0~1projects~1%7Bprojectuuid%7D~1ai~1findings~1models/get.md): Returns a list of AI models used in a specific project

## Findings - Scan

### Get a list of project scan findings (SAST)

 - [GET /api/v3.0/projects/{projectUuid}/scans/{scanUuid}/code/findings](https://api-docs.mend.io/platform/3.0/findings-scan/listprojectscanfindingsv3.0.md): Get a list of findings for a specified project scan UUID.

This endpoint supports paging using cursor and limit parameters described in Parameters section below.

### Get a project scan finding (SAST)

 - [GET /api/v3.0/projects/{projectUuid}/scans/{scanUuid}/code/findings/{findingUuid}](https://api-docs.mend.io/platform/3.0/findings-scan/getprojectscanfindingv3.0.md): Get a project finding for a specified project, scan and finding UUID.


### List image scan secrets findings (Containers)

 - [GET /api/v3.0/projects/{projectuuid}/scans/{scanuuid}/images/findings/secrets](https://api-docs.mend.io/platform/3.0/findings-scan/listimgscansecretsfindings.md): List the image scan secrets findings

### List image scan security findings (Containers)

 - [GET /api/v3.0/projects/{projectuuid}/scans/{scanuuid}/images/findings/security](https://api-docs.mend.io/platform/3.0/findings-scan/listimgscansecurityfindings.md): List the image scan security findings

### List image scan packages (Containers)

 - [GET /api/v3.0/projects/{projectuuid}/scans/{scanuuid}/images/packages](https://api-docs.mend.io/platform/3.0/findings-scan/listimgscanpackages.md): List the image scan packages

## Integrations

### Get All Integrations

 - [GET /api/v3.0/orgs/{orgUuid}/integrations](https://api-docs.mend.io/platform/3.0/integrations/getorgintegrations.md): Returns all integrations for the given organization with optional filtering.