Platform API 3.0

Get a list of project findings (Code - SAST)

Mend API (3.0)

Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:

Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
Improved security with a JWT token per organization, which expires every 30 minutes.
Added scalability with support for cursor pagination and limiting results size.
Broader functionality available programmatically.
New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Download OpenAPI description

3.0.json

3.0.yaml

Servers

Generated server url

https://baseUrl/

Access Management

Operations

Administration - Groups

Operations

Administration - Users

Operations

Administration - Labels

Operations

Reports

Operations

Scans

Operations

Projects

Operations

Applications

Operations

Findings - Project

Operations

Update Root LibrarySecurity Finding (Dependencies - SCA)

Request

Changes a given security finding's status and comments

Path

projectUuidstringrequired

UUID of the project

rootLibraryUuidstringrequired

Alert UUID (by running the appropriate Get in Alerts - Project).

Bodyapplication/jsonrequired

statusstring(Alert Status)

Enum"ACTIVE""IGNORED"

commentstring(Alert Comment)<= 500 characters

Example: "This alert is not important"

application/json

{
  "status": "ACTIVE",
  "comment": "This alert is not important"
}

Responses

Bodyapplication/json

boolean

Response

application/json

true

Get Project Due Diligence Info (Dependencies - SCA)

Request

Returns a due diligence report listing the source and license information for all libraries in a project

Path

projectUuidstringrequired

UUID of the project

Query

limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"

cursorString

Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved.

No request payload

Responses

Bodyapplication/json

additionalDataobject(Provides insights into endpoint-supported pagination information.)

totalItems: The total count of data points returned in an API response.

Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}

supportTokenstring(Support Token)

Example: "1171c60d"

responseArray of objects(DueDiligenceDTOV3)

Response

application/json

{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    { … }
  ]
}

Get In-House Libraries (Dependencies - SCA)

Request

Returns all libraries in a given project that have been designated as "In-House". They will not trigger any alerts or be included in license analysis.

Path

projectUuidstringrequired

UUID of the project

Query

limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"

cursorString

No request payload

Responses

Bodyapplication/json

additionalDataobject(Provides insights into endpoint-supported pagination information.)

totalItems: The total count of data points returned in an API response.

Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}

supportTokenstring(Support Token)

Example: "1171c60d"

responseArray of objects(LightLibraryDTO)

Response

application/json

{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    { … }
  ]
}

Get Project Libraries (Dependencies - SCA)

Request

Returns the set of libraries used by a particular project

Path

projectUuidstringrequired

UUID of the project

Query

limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"

cursorString

No request payload

Responses

Bodyapplication/json

additionalDataobject(Provides insights into endpoint-supported pagination information.)

totalItems: The total count of data points returned in an API response.

Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}

supportTokenstring(Support Token)

Example: "1171c60d"

responseArray of objects(LibraryDTO)

Response

application/json

{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    { … }
  ]
}

Get Root Libraries Security Finding (Dependencies - SCA)

Request

Get root libraries security findings for a given project

Path

projectUuidstringrequired

UUID of the project

No request payload

Responses

Bodyapplication/json

additionalDataobject(Provides insights into endpoint-supported pagination information.)

totalItems: The total count of data points returned in an API response.

Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}

supportTokenstring(Support Token)

Example: "1171c60d"

responseArray of objects(RootLibrarySecurityFindingDTO)

Response

application/json

{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    { … }
  ]
}

Get Project Security Findings (Dependencies - SCA)

Request

Returns all security findings for a given project

Path

projectUuidstringrequired

UUID of the project

Query

limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"

cursorString

No request payload

Responses

Bodyapplication/json

additionalDataobject(Provides insights into endpoint-supported pagination information.)

totalItems: The total count of data points returned in an API response.

Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}

supportTokenstring(Support Token)

Example: "1171c60d"

responseArray of objects(SecurityFindingDTO)

Response

application/json

{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    { … }
  ]
}

Get a list of project findings (Code - SAST)

Request

Get a list of findings for a specified project UUID.
This endpoint supports paging using cursor and limit parameters described in Parameters section below.

Path

projectUuidstringrequired

UUID of the project

Query

limitinteger

Specifies the maximum number of items to be returned in the response.

cursorString

No request payload

Responses

Bodyapplication/json

additionalDataobject

responseArray of objects(dto.FindingV3)

supportTokenstring

Response

application/json

{
  "additionalData": {
    "cursor": "1",
    "next": "https://domain.com/v3.0/resources?cursor=1"
  },
  "response": [
    { … }
  ],
  "supportToken": "string"
}

Get a project finding (Code - SAST)

Request

Get a project finding for a specified project and finding UUID.

Path

projectUuidstringrequired

UUID of the project

findingUuidstringrequired

UUID of the finding.

No request payload

Responses

Bodyapplication/json

additionalDataobject

responseobject(dto.FindingV3)

supportTokenstring

Response

application/json

{
  "additionalData": {},
  "response": {
    "ageRating": 0,
    "almIssues": { … },
    "appId": "string",
    "baseline": true,
    "comments": [ … ],
    "confidenceRating": 0,
    "createdTime": "string",
    "dataFlows": [ … ],
    "description": "string",
    "hasRemediation": true,
    "id": "string",
    "isNew": true,
    "issueStatus": 0,
    "projectId": "string",
    "rating": 0,
    "reviewed": true,
    "scanId": "string",
    "severity": "string",
    "severityRating": 0,
    "sharedStep": { … },
    "snapshotId": "string",
    "suppressed": true,
    "suppressedBy": "string",
    "suppressionMessage": "string",
    "suppressionTime": "string",
    "type": { … }
  },
  "supportToken": "string"
}

Get a project scan finding (Code - SAST)

Request

Get a project finding for a specified project, scan and finding UUID.

Path

projectUuidstringrequired

UUID of the project

scanUuidstringrequired

UUID of the project for which to get findings.

findingUuidstringrequired

UUID of the finding.

No request payload

Responses

Bodyapplication/json

additionalDataobject

responseobject(dto.FindingV3)

supportTokenstring

Response

application/json

{
  "additionalData": {},
  "response": {
    "ageRating": 0,
    "almIssues": { … },
    "appId": "string",
    "baseline": true,
    "comments": [ … ],
    "confidenceRating": 0,
    "createdTime": "string",
    "dataFlows": [ … ],
    "description": "string",
    "hasRemediation": true,
    "id": "string",
    "isNew": true,
    "issueStatus": 0,
    "projectId": "string",
    "rating": 0,
    "reviewed": true,
    "scanId": "string",
    "severity": "string",
    "severityRating": 0,
    "sharedStep": { … },
    "snapshotId": "string",
    "suppressed": true,
    "suppressedBy": "string",
    "suppressionMessage": "string",
    "suppressionTime": "string",
    "type": { … }
  },
  "supportToken": "string"
}

List latest image scan secrets findings (Containers)

Request

List the latest image scan secrets findings

Path

projectuuidstringrequired

UUID of the project

Query

cursorString

limitinteger

Specifies the maximum number of items to be returned in the response.

Default 1000

No request payload

Responses

Body*/*

additionalDataobject(common.AdditionalData)

responseArray of objects

supportTokenstring

Example: "659C0A4730"

List latest image scan security findings (Containers)

Request

List the latest image scan security findings

Path

projectuuidstringrequired

UUID of the project

Query

cursorString

limitinteger

Specifies the maximum number of items to be returned in the response.

Default 1000

No request payload

Responses

Bodyapplication/json

additionalDataobject(common.AdditionalData)

responseArray of objects

supportTokenstring

Example: "659C0A4730"

Response

application/json

{
  "additionalData": {
    "error": "string",
    "paging": { … },
    "totalItems": 100
  },
  "response": [
    { … }
  ],
  "supportToken": "659C0A4730"
}

List latest image scan packages (Containers)

Request

List the latest image scan packages

Path

projectuuidstringrequired

UUID of the project

Query

cursorString

limitinteger

Specifies the maximum number of items to be returned in the response.

Default 1000

No request payload

Responses

Bodyapplication/json

additionalDataobject(common.AdditionalData)

responseArray of objects

supportTokenstring

Example: "659C0A4730"

Response

application/json

{
  "additionalData": {
    "error": "string",
    "paging": { … },
    "totalItems": 100
  },
  "response": [
    { … }
  ],
  "supportToken": "659C0A4730"
}

Findings - Scan

Operations

Mend API (3.0)

Access Management

Administration - Groups

Administration - Users

Administration - Labels

Reports

Scans

Projects

Applications

Findings - Project

Update Root LibrarySecurity Finding (Dependencies - SCA)

Request

Responses

Was this helpful?

Get Project Due Diligence Info (Dependencies - SCA)

Request

Responses

Was this helpful?

Get In-House Libraries (Dependencies - SCA)

Request

Responses

Was this helpful?

Get Project Libraries (Dependencies - SCA)

Request

Responses

Was this helpful?

Get Root Libraries Security Finding (Dependencies - SCA)

Request

Responses

Was this helpful?

Get Project Security Findings (Dependencies - SCA)

Request

Responses

Was this helpful?

Get a list of project findings (Code - SAST)

Request

Responses

Was this helpful?

Get a project finding (Code - SAST)

Request

Responses

Was this helpful?

Get a project scan finding (Code - SAST)

Request

Responses

Was this helpful?

List latest image scan secrets findings (Containers)

Request

Responses

Was this helpful?

List latest image scan security findings (Containers)

Request

Responses

Was this helpful?

List latest image scan packages (Containers)

Request

Responses

Was this helpful?

Findings - Scan