Skip to content
Platform API 3.0
/
/
Update finding status (Co...

Mend API (3.0)

Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:

  • Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
  • Improved security with a JWT token per organization, which expires every 30 minutes.
  • Added scalability with support for cursor pagination and limiting results size.
  • Broader functionality available programmatically.
  • New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Download OpenAPI description
3.0.json
3.0.yaml
Languages
Servers
Generated server url

https://baseUrl/

Access Management

Operations

Administration - Groups

Operations

Administration - Users

Operations

Administration - Labels

Operations

Reports

Operations

Scans

Operations

Projects

Operations

Applications

Operations

Findings - Project

Operations

List latest image scan security findings (Containers)

Request

List the latest image scan security findings

Path
projectuuidstringrequired

UUID of the project

Query
cursorString

Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved.

limitinteger

Specifies the maximum number of items to be returned in the response.

Default 1000
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(common.AdditionalData)
responseArray of objects
supportTokenstring
Example: "659C0A4730"
Response
application/json
{
  "additionalData": {
    "error": "string",
    "paging": {},
    "totalItems": 100
  },
  "response": [
    {}
  ],
  "supportToken": "659C0A4730"
}

Update finding status (Containers)

Request

Update the status of a finding (e.g. suppress, review)

Path
projectuuidstringrequired

UUID of the project

findingidstringrequired

vulnerability ID (CVE)

Bodyapplication/jsonrequired

Finding status update request. Required fields: status. For 'suppressed' status, reason is also required.

commentstring
packageUUIDstring
reasonstring(model.FindingSuppressionReason)
Enum"Acceptable risk""No fix available""No risk""Ignore"
statusstring(model.FindingStatusType)required
Enum"suppressed""unreviewed""reviewed""suppress""Issue Created"
vulnerabilityNamestring
application/json
{
  "comment": "string",
  "packageUUID": "string",
  "reason": "Acceptable risk",
  "status": "suppressed",
  "vulnerabilityName": "string"
}

Responses

OK

Bodyapplication/json
additionalDataobject(common.AdditionalData)
responseobject
supportTokenstring
Example: "659C0A4730"
Response
application/json
{
  "additionalData": {
    "error": "string",
    "paging": {},
    "totalItems": 100
  },
  "response": {
    "applicationuuid": "string",
    "comment": "string",
    "createdAt": "2020-01-01T00:00:00Z",
    "detectTime": "string",
    "distribution": "string",
    "distributionVersion": "string",
    "email": "string",
    "orguuid": "string",
    "packageDistroID": 0,
    "packageName": "string",
    "packageUUID": "string",
    "packageVersion": "string",
    "projectuuid": "string",
    "reason": "string",
    "scanuuid": "string",
    "secretUUID": "string",
    "severity": "string",
    "status": "string",
    "updatedAt": "2020-01-01T00:00:00Z",
    "uuid": "c4f93b6d-8236-4d0c-a67b-3978def476a3",
    "vulnerabilityID": "string"
  },
  "supportToken": "659C0A4730"
}

List latest image scan packages (Containers)

Request

List the latest image scan packages

Path
projectuuidstringrequired

UUID of the project

Query
cursorString

Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved.

limitinteger

Specifies the maximum number of items to be returned in the response.

Default 1000
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(common.AdditionalData)
responseArray of objects
supportTokenstring
Example: "659C0A4730"
Response
application/json
{
  "additionalData": {
    "error": "string",
    "paging": {},
    "totalItems": 100
  },
  "response": [
    {}
  ],
  "supportToken": "659C0A4730"
}

Findings - Scan

Operations

Integrations

Operations