Platform API 3.0

Download a report file

Mend API (3.0)

Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:

Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
Improved security with a JWT token per organization, which expires every 30 minutes.
Added scalability with support for cursor pagination and limiting results size.
Broader functionality available programmatically.
New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Download OpenAPI description

3.0.json

3.0.yaml

Servers

Generated server url

https://baseUrl/

Access Management

Operations

Administration - Groups

Operations

Administration - Users

Operations

Administration - Labels

Operations

Reports

Operations

Get status of asynchronous report exporting process

Request

Path

orgUuidstringrequired

org UUID (from the Mend App: Administration General > Organization UUID).

reportUuidstringrequired

Asynchronous Process Status UUID.

No request payload

Responses

Bodyapplication/json

supportTokenstring(Support Token)

Example: "1171c60d"

responseobject(ReportExportProcessDTOV3)

Response

application/json

{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [ … ],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z"
  }
}

Download a report file

Request

Path

orgUuidstringrequired

org UUID (from the Mend App: Administration General > Organization UUID).

reportUuidstringrequired

Asynchronous Process Status UUID.

No request payload

Responses

Bodyapplication/json

supportTokenstring(Support Token)

Example: "1171c60d"

responseobject(MessageDTO)

Response

application/json

{
  "supportToken": "1171c60d",
  "response": {
    "message": "Success!"
  }
}

Download a report file

Request

Path

orgUuidstringrequired

org UUID (from the Mend App: Administration General > Organization UUID).

reportUuidstringrequired

Asynchronous Process Status UUID.

No request payload

Responses

Get Reports

Request

Path

orgUuidstringrequired

org UUID (from the Mend App: Administration General > Organization UUID).

Query

cursorString

Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved.

limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"

No request payload

Responses

Bodyapplication/json

additionalDataobject(Provides insights into endpoint-supported pagination information.)

totalItems: The total count of data points returned in an API response.

Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}

supportTokenstring(Support Token)

Example: "1171c60d"

responseArray of objects(ReportExportProcessDTOV3)

Response

application/json

{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    { … }
  ]
}

Export project Due Diligence report asynchronously

Request

Path

projectUuidstringrequired

UUID of the project

Bodyapplication/jsonrequired

namestring

formatstring

Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"

sendEmailNotificationboolean

additionalParamsobject

application/json

{
  "name": "string",
  "format": "json",
  "sendEmailNotification": true,
  "additionalParams": {
    "property1": [ … ],
    "property2": [ … ]
  }
}

Responses

Bodyapplication/json

supportTokenstring(Support Token)

Example: "1171c60d"

responseobject(ReportExportProcessDTO)

Response

application/json

{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [ … ],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [ … ],
    "projectUuids": [ … ],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true
  }
}

Export project SBOM report asynchronously

Request

Path

projectUuidstringrequired

UUID of the project

Bodyapplication/jsonrequired

namestring

formatstring

Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"

sendEmailNotificationboolean

reportTypestring

Enum"attribution""inventory""vulnerabilities""securityAlerts""sbom""securityAlertsLibrary""Compliance""Findings""Suppressions""spdx"

maxDepthLevelinteger(int32)

includeVulnerabilitiesboolean

isMlBomReportboolean

additionalParamsobject

application/json

{
  "name": "string",
  "format": "json",
  "sendEmailNotification": true,
  "reportType": "attribution",
  "maxDepthLevel": 0,
  "includeVulnerabilities": true,
  "isMlBomReport": true,
  "additionalParams": {
    "property1": [ … ],
    "property2": [ … ]
  }
}

Responses

Bodyapplication/json

supportTokenstring(Support Token)

Example: "1171c60d"

responseobject(ReportExportProcessDTO)

Response

application/json

{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [ … ],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [ … ],
    "projectUuids": [ … ],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true
  }
}

Export application Due Diligence report asynchronously

Request

Path

applicationIdentifierstringrequired

application UUID (application UUID by running Entities - Administration > Applications > UUID column).

Bodyapplication/jsonrequired

namestring

formatstring

Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"

sendEmailNotificationboolean

projectUuidsArray of strings

additionalParamsobject

application/json

{
  "name": "string",
  "format": "json",
  "sendEmailNotification": true,
  "projectUuids": [
    "string"
  ],
  "additionalParams": {
    "property1": [ … ],
    "property2": [ … ]
  }
}

Responses

Bodyapplication/json

supportTokenstring(Support Token)

Example: "1171c60d"

responseobject(ReportExportProcessDTO)

Response

application/json

{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [ … ],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [ … ],
    "projectUuids": [ … ],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true
  }
}

Export application SBOM report asynchronously

Request

Path

applicationIdentifierstringrequired

application UUID (application UUID by running Entities - Administration > Applications > UUID column).

Bodyapplication/jsonrequired

namestring

formatstring

Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"

sendEmailNotificationboolean

projectUuidsArray of strings

reportTypestring

Enum"attribution""inventory""vulnerabilities""securityAlerts""sbom""securityAlertsLibrary""Compliance""Findings""Suppressions""spdx"

maxDepthLevelinteger(int32)

includeVulnerabilitiesboolean

isMlBomReportboolean

additionalParamsobject

application/json

{
  "name": "string",
  "format": "json",
  "sendEmailNotification": true,
  "projectUuids": [
    "string"
  ],
  "reportType": "attribution",
  "maxDepthLevel": 0,
  "includeVulnerabilities": true,
  "isMlBomReport": true,
  "additionalParams": {
    "property1": [ … ],
    "property2": [ … ]
  }
}

Responses

Bodyapplication/json

supportTokenstring(Support Token)

Example: "1171c60d"

responseobject(ReportExportProcessDTO)

Response

application/json

{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [ … ],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [ … ],
    "projectUuids": [ … ],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true
  }
}

Scans

Operations

Projects

Operations

Applications

Operations

Findings - Project

Operations

Findings - Scan

Operations

Mend API (3.0)

Access Management

Administration - Groups

Administration - Users

Administration - Labels

Reports

Get status of asynchronous report exporting process

Request

Responses

Was this helpful?

Download a report file

Request

Responses

Was this helpful?

Download a report file

Request

Responses

Was this helpful?

Get Reports

Request

Responses

Was this helpful?

Export project Due Diligence report asynchronously

RequestExpand all

Responses

Was this helpful?

Export project SBOM report asynchronously

RequestExpand all

Responses

Was this helpful?

Export application Due Diligence report asynchronously

RequestExpand all

Responses

Was this helpful?

Export application SBOM report asynchronously

RequestExpand all

Responses

Was this helpful?

Scans

Projects

Applications

Findings - Project

Findings - Scan

Request

Request

Request

Request