# Trigger SBOM Scan (creates project) Upload a single SBOM file, associate it with an application, and automatically create a new project. The SBOM scan is queued for asynchronous processing. Supported formats: SPDX (JSON/XML), CycloneDX (JSON/XML). Endpoint: POST /api/v3.0/applications/{applicationIdentifier}/dependencies/projects/importSbom Version: 3.0 Security: bearer-key ## Path parameters: - `applicationIdentifier` (string, required) Application UUID (Administration > Applications) ## Request fields (multipart/form-data): - `projectName` (string, required) Name of the project to create under this application - `projectDescription` (string) Optional project description - `sbomFile` (string, required) The SBOM file to upload (SPDX or CycloneDX). Only one file per request. ## Response 201 fields (application/json): - `supportToken` (string) Support token for tracking Example: "1171c60d" - `project` (object) - `project.uuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `project.name` (string) Example: "My Project" - `project.path` (string) Example: "My Application" - `project.applicationName` (string) Example: "My Application" - `project.applicationUuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `scan` (object) Scan information - `scan.scanUuid` (string) Scan identifier Example: "45e0c7f0-2a64-4a1c-bb2b-22e1c4f02126" - `scan.createdAt` (string) Scan creation timestamp Example: "2025-10-27T18:50:05Z" - `link` (object) Log Link - `link.logs` (string) Link to scan logs Example: "/api/v3.0/projects/{projectUuid}/scans/{scanUuid}/dependencies/SBOM/logs" ## Response 400 fields (*/*): - `supportToken` (string) Example: "1171c60d" ## Response 403 fields (*/*): - `supportToken` (string) Example: "1171c60d" ## Response 404 fields (application/json): - `supportToken` (string) Example: "1171c60d" - `response` (object) - `response.supportToken` (string) Support token for tracking Example: "1171c60d" - `response.project` (object) - `response.project.uuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `response.project.name` (string) Example: "My Project" - `response.project.path` (string) Example: "My Application" - `response.project.applicationName` (string) Example: "My Application" - `response.project.applicationUuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `response.scan` (object) Scan information - `response.scan.scanUuid` (string) Scan identifier Example: "45e0c7f0-2a64-4a1c-bb2b-22e1c4f02126" - `response.scan.createdAt` (string) Scan creation timestamp Example: "2025-10-27T18:50:05Z" - `response.link` (object) Log Link - `response.link.logs` (string) Link to scan logs Example: "/api/v3.0/projects/{projectUuid}/scans/{scanUuid}/dependencies/SBOM/logs"