Upload a single SBOM file, associate it with an application, and automatically create a new project. The SBOM scan is queued for asynchronous processing. Supported formats: SPDX (JSON/XML), CycloneDX (JSON/XML).
Mend API (3.0)
Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:
- Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
- Improved security with a JWT token per organization, which expires every 30 minutes.
- Added scalability with support for cursor pagination and limiting results size.
- Broader functionality available programmatically.
- New standard API documentation for easy navigation and search.
If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.
Note: To help you get started with the Mend API 3.0, we recommend reviewing our onboarding guide -> Getting Started with API 3.0. This resource covers initial setup, authentication instructions, and helpful tips to help you successfully begin working with the Mend API 3.0.
- Generated server urlhttps://baseUrl/api/v3.0/applications/{applicationIdentifier}/dependencies/projects/importSbom
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
multipart/form-data
{
"projectName": "string",
"projectDescription": "string",
"sbomFile": "string"
}Response
application/json
{ "supportToken": "1171c60d", "project": { "uuid": "123e4567-e89b-12d3-a456-426655440000", "name": "My Project", "path": "My Application", "applicationName": "My Application", "applicationUuid": "123e4567-e89b-12d3-a456-426655440000" }, "scan": { "scanUuid": "45e0c7f0-2a64-4a1c-bb2b-22e1c4f02126", "createdAt": "2025-10-27T18:50:05Z" }, "link": { "logs": "/api/v3.0/projects/{projectUuid}/scans/{scanUuid}/dependencies/SBOM/logs" } }