Skip to content
Platform API 3.0
/
/
Export Code Application S...

Mend API (3.0)

Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:

  • Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
  • Improved security with a JWT token per organization, which expires every 30 minutes.
  • Added scalability with support for cursor pagination and limiting results size.
  • Broader functionality available programmatically.
  • New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Note: To help you get started with the Mend API 3.0, we recommend reviewing our onboarding guide -> Getting Started with API 3.0. This resource covers initial setup, authentication instructions, and helpful tips to help you successfully begin working with the Mend API 3.0.

Download OpenAPI description
3.0.json
3.0.yaml
Languages
Servers
Generated server url
https://baseUrl/api/v3.0/

Access Management

Operations

Administration - Groups

Operations

Administration - Users

Operations

Administration - Labels

Operations

Reports

Operations

Export Images Application SBOM report asynchronously (Containers)

Request

Security
bearer-key
Path
applicationUuidstringrequired

application UUID.

Bodyapplication/jsonrequired
uuidstring
namestring
scopeUuidstring
scopeNamestring
subScopesArray of objects(EntityTreeDTO)
titlestring
reportTypestring
Enum"attribution""inventory""vulnerabilities""securityAlerts""sbom""securityAlertsLibrary""Compliance""Findings""Suppressions""spdx"
formatstring
Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"
scopeTypestring
Enum"organization""product""project""unsupported"
scopeUuidListArray of strings
projectUuidsArray of strings
statusstring
Enum"PENDING""IN_PROGRESS""FAILED""SUCCESS"
createdBystring
createdAtstring(date-time)
sendEmailNotificationboolean
labelsUuidListArray of strings
application/json
{
  "uuid": "string",
  "name": "string",
  "scopeUuid": "string",
  "scopeName": "string",
  "subScopes": [
    {}
  ],
  "title": "string",
  "reportType": "attribution",
  "format": "json",
  "scopeType": "organization",
  "scopeUuidList": [
    "string"
  ],
  "projectUuids": [
    "string"
  ],
  "status": "PENDING",
  "createdBy": "string",
  "createdAt": "2019-08-24T14:15:22Z",
  "sendEmailNotification": true,
  "labelsUuidList": [
    "string"
  ]
}

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseobject(ReportExportProcessDTO)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [],
    "projectUuids": [],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true,
    "labelsUuidList": []
  }
}

Export Code Application Suppressions report asynchronously (SAST)

Request

Security
bearer-key
Path
applicationUuidstringrequired

Application UUID (Administration > Applications)

Bodyapplication/jsonrequired
namestring
formatstring
Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"
sendEmailNotificationboolean
labelsUuidListArray of strings
additionalParamsobject
application/json
{
  "name": "string",
  "format": "json",
  "sendEmailNotification": true,
  "labelsUuidList": [
    "string"
  ],
  "additionalParams": {
    "property1": [],
    "property2": []
  }
}

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseobject(ReportExportProcessDTO)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [],
    "projectUuids": [],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true,
    "labelsUuidList": []
  }
}

Export Code Application Findings report asynchronously (SAST)

Request

Security
bearer-key
Path
applicationUuidstringrequired

Application UUID (Administration > Applications)

Bodyapplication/jsonrequired
namestring
formatstring
Enum"json""html""unknown""xml""excel""yaml""pdf""tv""rdf""csv"
sendEmailNotificationboolean
labelsUuidListArray of strings
additionalParamsobject
application/json
{
  "name": "string",
  "format": "json",
  "sendEmailNotification": true,
  "labelsUuidList": [
    "string"
  ],
  "additionalParams": {
    "property1": [],
    "property2": []
  }
}

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseobject(ReportExportProcessDTO)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": {
    "uuid": "string",
    "name": "string",
    "scopeUuid": "string",
    "scopeName": "string",
    "subScopes": [],
    "title": "string",
    "reportType": "attribution",
    "format": "json",
    "scopeType": "organization",
    "scopeUuidList": [],
    "projectUuids": [],
    "status": "PENDING",
    "createdBy": "string",
    "createdAt": "2019-08-24T14:15:22Z",
    "sendEmailNotification": true,
    "labelsUuidList": []
  }
}

Scans

Operations

Projects

Operations

Applications

Operations

Findings - Project

Operations

Findings - Scan

Operations

SAST

Operations

Settings - Organization

Operations

Integrations

Operations

AI

Operations

Red Team

Operations