Skip to content
Platform API 3.0
/
/
Search for library matche...

Mend API (3.0)

Mend's enhanced API enables automation of workflows in a REST compliant format. The API features:

  • Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend Platform.
  • Improved security with a JWT token per organization, which expires every 30 minutes.
  • Added scalability with support for cursor pagination and limiting results size.
  • Broader functionality available programmatically.
  • New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Note: To help you get started with the Mend API 3.0, we recommend reviewing our onboarding guide -> Getting Started with API 3.0. This resource covers initial setup, authentication instructions, and helpful tips to help you successfully begin working with the Mend API 3.0.

Download OpenAPI description
3.0.json
3.0.yaml
Languages
Servers
Generated server url
https://baseUrl

Access Management

Operations

Administration - Groups

Operations

Administration - Users

Operations

Administration - Labels

Operations

Reports

Operations

Scans

Operations

Projects

Operations

Applications

Operations

Findings - Project

Operations

Findings - Scan

Operations

User Management - Permissions

Operations

Integrations

Operations

Source Files

Operations

Get project source files inventory

Request

Returns an inventory list of the source files associated with each library in a project. Supports filtering by library UUID using the search parameter. Example: ?search=libraryUuid==b366b0ef-b211-4c37-a47c-0077e4de709f

Security
bearer-key
Path
projectUuidstringrequired

UUID of the project

Query
limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"
cursorString

Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved.

No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}
supportTokenstring(Support Token)
Example: "1171c60d"
responseArray of objects(SourceFileInventoryDTOV3)
Response
application/json
{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    {}
  ]
}

Get Mend library suggestions for source files

Request

Returns Mend library suggestions for the specified source file UUIDs. Request body requires: sourceFileUuids (array), recommendedForAllFiles (boolean). Supports same search filters as searchForMatch: date, license, name, owner, version.

Security
bearer-key
Path
projectUuidstringrequired

UUID of the project

Bodyapplication/jsonrequired

Request body containing source file UUIDs and optional filters. Fields: sourceFileUuids (required, array of UUIDs), recommendedForAllFiles (required, boolean).

sourceFileUuidsArray of strings(Source File UUIDs)required
Example: ["123e4567-e89b-12d3-a456-426655440000"]
recommendedForAllFilesboolean(Recommended For All Files)required

Flag indicating whether to get recommendations that apply to all specified files. Required field.

Example: false
application/json
{
  "sourceFileUuids": [
    "123e4567-e89b-12d3-a456-426655440000"
  ],
  "recommendedForAllFiles": false
}

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseArray of objects(SourceLibraryResponseDTO_MatchSuggestions)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": [
    {}
  ]
}

Search for library matches for source files

Request

Returns library match suggestions from Mend based on manual search criteria. Uses V3 MQL search format. Available search filters: date:between:date1,date2 (e.g., between:2019-05-01,2019-06-01), license:[like|regex]:value, name:[like|equals|regex]:value, owner:like:value, version:like:value. Example: ?search=name==openssl.

Security
bearer-key
Path
projectUuidstringrequired

UUID of the project

No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseArray of objects(SourceLibraryResponseDTO_SearchForMatch)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": [
    {}
  ]
}

Get application source files inventory

Request

Returns a list of libraries together with the location of their source files. Supports filtering by library UUID using the search parameter. Example: ?search=libraryUuid==b366b0ef-b211-4c37-a47c-0077e4de709f

Security
bearer-key
Path
applicationUuidstringrequired

Application UUID (Administration > Applications)

Query
limitstring<= 10000

Specifies the maximum number of items to be returned in the response.

Default "50"
cursorString

Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved.

No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3}
supportTokenstring(Support Token)
Example: "1171c60d"
responseArray of objects(SourceFileInventoryDTOV3)
Response
application/json
{
  "additionalData": {
    "totalItems": "422",
    "next": "http://someUrl?cursor=3",
    "cursor": 3
  },
  "supportToken": "1171c60d",
  "response": [
    {}
  ]
}

Get Mend library suggestions for source files

Request

Returns Mend library suggestions for the specified source file UUIDs. Request body requires: sourceFileUuids (array), recommendedForAllFiles (boolean). Supports same search filters as searchForMatch: date, license, name, owner, version.

Security
bearer-key
Path
applicationUuidstringrequired

Application UUID (Administration > Applications)

Bodyapplication/jsonrequired

Request body containing source file UUIDs and optional filters. Fields: sourceFileUuids (required, array of UUIDs), recommendedForAllFiles (required, boolean).

sourceFileUuidsArray of strings(Source File UUIDs)required
Example: ["123e4567-e89b-12d3-a456-426655440000"]
recommendedForAllFilesboolean(Recommended For All Files)required

Flag indicating whether to get recommendations that apply to all specified files. Required field.

Example: false
application/json
{
  "sourceFileUuids": [
    "123e4567-e89b-12d3-a456-426655440000"
  ],
  "recommendedForAllFiles": false
}

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseArray of objects(SourceLibraryResponseDTO_MatchSuggestions)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": [
    {}
  ]
}

Search for library matches for source files

Request

Returns library match suggestions from Mend based on manual search criteria. Uses V3 MQL search format. Available search filters: date:between:date1,date2 (e.g., between:2019-05-01,2019-06-01), license:[like|regex]:value, name:[like|equals|regex]:value, owner:like:value, version:like:value. Example: ?search=name==openssl.

Security
bearer-key
Path
applicationUuidstringrequired

Application UUID (Administration > Applications)

No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
responseArray of objects(SourceLibraryResponseDTO_SearchForMatch)
Response
application/json
{
  "supportToken": "1171c60d",
  "response": [
    {}
  ]
}

Remap source files at application level

Request

Remaps the specified source files to a target library for the specified application(s). This operation runs asynchronously and returns 202 Accepted with async process status. Requires exactly one of: targetLibraryUuid OR matchSuggestionId (not both, not neither). Request body fields: applicationUuids (required, array), sourceFileUuids (required, array), targetLibraryUuid (conditional), matchSuggestionId (conditional), comment (optional), sendEmailNotification (optional, boolean).

Security
bearer-key
Path
orgUuidstringrequired

org UUID (from the Mend App: Administration General > Organization UUID).

Bodyapplication/jsonrequired

Request body containing remapping details. Fields: applicationUuids (required, array), sourceFileUuids (required, array), targetLibraryUuid (conditional, UUID string - use if remapping from search for a match), matchSuggestionId (conditional, base64 string - use if remapping from match suggestion), comment (optional, string), sendEmailNotification (optional, boolean). IMPORTANT: Provide exactly one of targetLibraryUuid OR matchSuggestionId, not both.

applicationUuidsArray of strings(Application UUIDs)
Example: ["123e4567-e89b-12d3-a456-426655440000"]
targetLibraryUuidstring(Target Library UUID)

The UUID of the library to which source files should be remapped. Exactly one of targetLibraryUuid or matchSuggestionId must be provided

Example: "123e4567-e89b-12d3-a456-426655440000"
matchSuggestionIdstring(Target Library Id)

The Id of the library to which source files should be remapped. Exactly one of targetLibraryUuid or matchSuggestionId must be provided

Example: "ZWJlMTZhZjYtMmE2YS00MWQ1LWFiNTQtYWQ3YWE3OWZhNzFl"
sourceFileUuidsArray of strings(Source File UUIDs)
Example: ["123e4567-e89b-12d3-a456-426655440000"]
commentstring(Comment)

Optional user comment explaining the reason for this remapping action

sendEmailNotificationboolean(Send Email Notification)

Whether to send email notification upon completion of the remapping operation

Example: true
application/json
{
  "applicationUuids": [
    "123e4567-e89b-12d3-a456-426655440000"
  ],
  "targetLibraryUuid": "123e4567-e89b-12d3-a456-426655440000",
  "matchSuggestionId": "ZWJlMTZhZjYtMmE2YS00MWQ1LWFiNTQtYWQ3YWE3OWZhNzFl",
  "sourceFileUuids": [
    "123e4567-e89b-12d3-a456-426655440000"
  ],
  "comment": "string",
  "sendEmailNotification": true
}

Responses

Remapping job accepted and initiated

Bodyapplication/json
uuidstring(Process UUID)

The unique identifier of the async process

Example: "caf69794-9882-4b55-82db-6b6da4fe2a92"
statusstring(Process Status)

The current status of the async process

Enum"PENDING""IN_PROGRESS""FAILED""FAILURE""SUCCESS"
Example: "PENDING"
userEmailstring(User Email)

Email of the user who initiated the process

Example: "user@example.com"
requestTokenstring(Request Token)

Short token for tracking the request

Example: "2cd6a43b"
Response
application/json
{
  "uuid": "caf69794-9882-4b55-82db-6b6da4fe2a92",
  "status": "PENDING",
  "userEmail": "user@example.com",
  "requestToken": "2cd6a43b"
}

Remap source files at organization level

Request

Remaps the specified source files to a target library across the entire organization. This operation runs asynchronously and returns 202 Accepted with async process status. Requires exactly one of: targetLibraryUuid OR matchSuggestionId (not both, not neither). Request body fields: sourceFileUuids (required, array), targetLibraryUuid (conditional), matchSuggestionId (conditional), comment (optional), sendEmailNotification (optional, boolean).

Security
bearer-key
Path
orgUuidstringrequired

org UUID (from the Mend App: Administration General > Organization UUID).

Bodyapplication/jsonrequired

Request body containing remapping details. Fields: sourceFileUuids (required, array), targetLibraryUuid (conditional, UUID string - use if remapping from search for a match), matchSuggestionId (conditional, base64 string - use if remapping from match suggestion), comment (optional, string), sendEmailNotification (optional, boolean). IMPORTANT: Provide exactly one of targetLibraryUuid OR matchSuggestionId, not both.

targetLibraryUuidstring(Target Library UUID)

The UUID of the library to which source files should be remapped. Exactly one of targetLibraryUuid or matchSuggestionId must be provided

Example: "123e4567-e89b-12d3-a456-426655440000"
matchSuggestionIdstring(Target Library Id)

The Id of the library to which source files should be remapped. Exactly one of targetLibraryUuid or matchSuggestionId must be provided

Example: "ZWJlMTZhZjYtMmE2YS00MWQ1LWFiNTQtYWQ3YWE3OWZhNzFl"
sourceFileUuidsArray of strings(Source File UUIDs)
Example: ["123e4567-e89b-12d3-a456-426655440000"]
commentstring(Comment)

Optional user comment explaining the reason for this remapping action

sendEmailNotificationboolean(Send Email Notification)

Whether to send email notification upon completion of the remapping operation

Example: true
application/json
{
  "targetLibraryUuid": "123e4567-e89b-12d3-a456-426655440000",
  "matchSuggestionId": "ZWJlMTZhZjYtMmE2YS00MWQ1LWFiNTQtYWQ3YWE3OWZhNzFl",
  "sourceFileUuids": [
    "123e4567-e89b-12d3-a456-426655440000"
  ],
  "comment": "string",
  "sendEmailNotification": true
}

Responses

Remapping job accepted and initiated

Bodyapplication/json
uuidstring(Process UUID)

The unique identifier of the async process

Example: "caf69794-9882-4b55-82db-6b6da4fe2a92"
statusstring(Process Status)

The current status of the async process

Enum"PENDING""IN_PROGRESS""FAILED""FAILURE""SUCCESS"
Example: "PENDING"
userEmailstring(User Email)

Email of the user who initiated the process

Example: "user@example.com"
requestTokenstring(Request Token)

Short token for tracking the request

Example: "2cd6a43b"
Response
application/json
{
  "uuid": "caf69794-9882-4b55-82db-6b6da4fe2a92",
  "status": "PENDING",
  "userEmail": "user@example.com",
  "requestToken": "2cd6a43b"
}

Reports - Account

Operations

Applications - SBOM Scans

Operations

Projects - SBOM Scans

Operations

Scans - SBOM

Operations

AI

Operations

Red Team

Operations