UUID of the project
Mend API (3.0)
Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:
- Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
- Improved security with a JWT token per organization, which expires every 30 minutes.
- Added scalability with support for cursor pagination and limiting results size.
- Broader functionality available programmatically.
- New standard API documentation for easy navigation and search.
If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.
- Generated server url
https://baseUrl/api/v3.0/projects/{projectUuid}/code/findings/{findingUuid}
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payloadResponse
application/json
{ "additionalData": {}, "response": { "ageRating": 0, "almIssues": { … }, "appId": "string", "baseline": true, "comments": [ … ], "confidenceRating": 0, "correlatedDastFindingUuids": [ … ], "createdTime": "string", "dataFlows": [ … ], "description": "string", "hasRemediation": true, "id": "string", "isNew": true, "issueStatus": 0, "projectId": "string", "rating": 0, "refId": "string", "reviewed": true, "riskFactors": { … }, "scanId": "string", "severity": "string", "severityRating": 0, "sharedStep": { … }, "snapshotId": "string", "suppressed": true, "suppressedBy": "string", "suppressionMessage": "string", "suppressionTime": "string", "type": { … }, "workflowViolations": [ … ], "workflowViolationsCount": 0 }, "supportToken": "string" }
Bodyapplication/jsonrequired
Array of finding status update requests. Each item requires: status. For findings, either packageUUID or vulnerabilityName should be provided. For 'suppressed' status, reason is also required.
Enum"Acceptable risk""No fix available""No risk""Ignore"
Enum"suppressed""unreviewed""reviewed""suppress""Issue Created"
- Generated server url
https://baseUrl/api/v3.0/projects/{projectuuid}/images/findings
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
application/json
[ { "comment": "string", "packageUUID": "string", "reason": "Acceptable risk", "status": "suppressed", "vulnerabilityName": "string" } ]
Response
application/json
{ "additionalData": { "error": "string", "paging": { … }, "totalItems": 100 }, "response": { "failedPackageUUID": [ … ], "updatedStatuses": [ … ] }, "supportToken": "659C0A4730" }
Bodyapplication/jsonrequired
Package status update request. Required fields: status. For 'suppressed' status, reason is also required.
Enum"Acceptable risk""No fix available""No risk""Ignore"
Enum"suppressed""unreviewed""reviewed""suppress""Issue Created"
- Generated server url
https://baseUrl/api/v3.0/projects/{projectuuid}/images/findings/packages/{packageuuid}
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
application/json
{ "comment": "string", "packageUUID": "string", "reason": "Acceptable risk", "status": "suppressed", "vulnerabilityName": "string" }
Response
application/json
{ "additionalData": { "error": "string", "paging": { … }, "totalItems": 100 }, "response": { "applicationuuid": "string", "comment": "string", "createdAt": "2020-01-01T00:00:00Z", "detectTime": "string", "distribution": "string", "distributionVersion": "string", "email": "string", "orguuid": "string", "packageDistroID": 0, "packageName": "string", "packageUUID": "string", "packageVersion": "string", "projectuuid": "string", "reason": "string", "scanuuid": "string", "secretUUID": "string", "severity": "string", "status": "string", "updatedAt": "2020-01-01T00:00:00Z", "uuid": "c4f93b6d-8236-4d0c-a67b-3978def476a3", "vulnerabilityID": "string" }, "supportToken": "659C0A4730" }