# Mend API

Mend's enhanced SCA API enables automation of workflows in a REST compliant format. The API features:
+ Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend App.
+ Improved security with a JWT token per organization, which expires every 30 minutes.
+ Added scalability with support for pagination, filtering and sorting search results.
+ Broader functionality available programmatically.
+ New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.


Version: 3.0.1

## Servers

Generated server url
```
https://api-saas.mend.io
```

## Security

### bearer-key

JWT token Bearer

Type: http
Scheme: bearer
Bearer Format: JWT

## Download OpenAPI description

[Mend API](https://api-docs.mend.io/_spec/sca/2.0.yaml)

## Entities - Project

### Reassign Project

 - [PUT /api/v2.0/projects/{projectToken}/reassign/{productToken}](https://api-docs.mend.io/sca/2.0/entities-project/changeassignment.md): Reassigns a project from one product to another.

### Get Project

 - [GET /api/v2.0/projects/{projectToken}](https://api-docs.mend.io/sca/2.0/entities-project/getentity.md): Returns the project identified by its token

### Rename Project

 - [PUT /api/v2.0/projects/{projectToken}](https://api-docs.mend.io/sca/2.0/entities-project/updateproject.md): Renames the project identified by its token.

### Remove Project

 - [DELETE /api/v2.0/projects/{projectToken}](https://api-docs.mend.io/sca/2.0/entities-project/removeentity.md): Deletes the project identified by its token

### Get Project Vitals

 - [GET /api/v2.0/projects/{projectToken}/vitals](https://api-docs.mend.io/sca/2.0/entities-project/getvitals.md): Returns basic information about a given project

## Policies - Project

### Get Project Policy

 - [GET /api/v2.0/projects/{projectToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-project/getcontextpolicy.md): Returns a single policy in a given project

### Update Project Policy

 - [PUT /api/v2.0/projects/{projectToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-project/updatepolicy.md): Updates a policy for a given project

### Delete Project Policy

 - [DELETE /api/v2.0/projects/{projectToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-project/deletepolicy.md): Deletes a policy for a given project

### Update Project Policy Priorities

 - [PUT /api/v2.0/projects/{projectToken}/policies/priority](https://api-docs.mend.io/sca/2.0/policies-project/updatepriorities.md): Updates the priority of policies in a given project. Policies are numbered and then evaluated sequentially. The request body should contain a list of policy UUIDs in the desired order, starting from highest priority. The service returns a list or ordered policies.

### Apply Project Policies on Inventory

 - [POST /api/v2.0/projects/{projectToken}/policies/apply](https://api-docs.mend.io/sca/2.0/policies-project/applyoninventory.md): After initiating this call, the process will be performed asynchronously in the background. To check the status of the process and retrieve the final outcome, use the "Get Async Process Status" request.

### Get Project Policies

 - [GET /api/v2.0/projects/{projectToken}/policies](https://api-docs.mend.io/sca/2.0/policies-project/getcontextpolicies.md): Returns all of the policies of a given project

### Create Project Policy

 - [POST /api/v2.0/projects/{projectToken}/policies](https://api-docs.mend.io/sca/2.0/policies-project/createpolicy.md): Creates a new policy for a given project

## CustomAttribute - Project

### Set Custom Attribute

 - [PUT /api/v2.0/projects/{projectToken}/libraries/{libraryUuid}/customAttributes/{attributeUuid}/value](https://api-docs.mend.io/sca/2.0/customattribute-project/setcustomattributevalue.md): Edits the value of a custom attribute for a specified library, attribute, and context.

## Alerts - Project

### Update Security Alert

 - [PUT /api/v2.0/projects/{projectToken}/alerts/security/{alertUuid}](https://api-docs.mend.io/sca/2.0/alerts-project/updatesecurityalert.md): Changes a given security alert's status and comments

### Update Library Security Alert

 - [PUT /api/v2.0/projects/{projectToken}/alerts/security/library/{libraryUuid}](https://api-docs.mend.io/sca/2.0/alerts-project/updatelibrarysecurityalert.md): Updates the status of a library security alert

### Update Legal And Compliance Alert

 - [PUT /api/v2.0/projects/{projectToken}/alerts/legal/{alertUuid}](https://api-docs.mend.io/sca/2.0/alerts-project/updatelegalandcompliancealert.md): Updates the status of the legal and compliance alerts for a given project

### Get Security Alerts By Library

 - [GET /api/v2.0/projects/{projectToken}/alerts/security/groupBy/component](https://api-docs.mend.io/sca/2.0/alerts-project/getlibrarysecurityvulnerabilityalerts.md): Returns all security alerts for a given project, including library and severity information, arranged by library

### Get project security alerts

 - [GET /api/v2.0/projects/{projectToken}/alerts/security](https://api-docs.mend.io/sca/2.0/alerts-project/getsecurityvulnerabilityalerts.md): Returns all security alerts for a given project, including library and severity information

### Get project legal and compliance alerts

 - [GET /api/v2.0/projects/{projectToken}/alerts/legal](https://api-docs.mend.io/sca/2.0/alerts-project/getlegalandcompliancealerts.md): Returns a list of legal and compliance alerts arising from licensing issues (not vulnerabilities) for a given project

## project-attribution-report-controller

### Update attribution report library settings

 - [PUT /api/v2.0/projects/{projectIdentifier}/libraries/{libraryUuid}/settings/attributionReport](https://api-docs.mend.io/sca/2.0/project-attribution-report-controller/updateattributionreportlibrarysettings.md): Update library settings to be reflected in the attribution report

## Policies - Product

### Get Product Policy

 - [GET /api/v2.0/products/{productToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-product/getcontextpolicy_1.md): Returns a single policy in a given product

### Update Product Policy

 - [PUT /api/v2.0/products/{productToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-product/updatepolicy_1.md): Updates a policy for a given product

### Delete Product Policy

 - [DELETE /api/v2.0/products/{productToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-product/deletepolicy_1.md): Deletes a policy for a given product

### Update Product Policy Priorities

 - [PUT /api/v2.0/products/{productToken}/policies/priority](https://api-docs.mend.io/sca/2.0/policies-product/updatepriorities_1.md): Updates the priority of policies in a given product. Policies are numbered and then evaluated sequentially. The request body should contain a list of policy UUIDs in the desired order, starting from highest priority. The service returns a list or ordered policies.

### Apply Product Policies On Inventory

 - [POST /api/v2.0/products/{productToken}/policies/apply](https://api-docs.mend.io/sca/2.0/policies-product/applyoninventory_1.md): After initiating this call, the process will be performed asynchronously in the background. To check the status of the process and retrieve the final outcome, use the "Get Async Process Status" request.

### Get Product Policies

 - [GET /api/v2.0/products/{productToken}/policies](https://api-docs.mend.io/sca/2.0/policies-product/getcontextpolicies_1.md): Returns all policies of a given product

### Create Product Policy

 - [POST /api/v2.0/products/{productToken}/policies](https://api-docs.mend.io/sca/2.0/policies-product/createpolicy_1.md): Creates a new policy for a given product

## CustomAttribute - Product

### Set Custom Attribute

 - [PUT /api/v2.0/products/{productToken}/libraries/{libraryUuid}/customAttributes/{attributeUuid}/value](https://api-docs.mend.io/sca/2.0/customattribute-product/setcustomattributevalue_1.md): Edits the value of a custom attribute for a specified library, attribute, and context.

## Entities - Product

### Get Product

 - [GET /api/v2.0/products/{productToken}](https://api-docs.mend.io/sca/2.0/entities-product/getentity_1.md): Returns a product as identified by its token

### Rename Product

 - [PUT /api/v2.0/products/{productToken}](https://api-docs.mend.io/sca/2.0/entities-product/updateproduct.md): Renames the product identified by its token

### Remove Product

 - [DELETE /api/v2.0/products/{productToken}](https://api-docs.mend.io/sca/2.0/entities-product/removeentity_1.md): Deletes a product as identified by its token

### Get Product Projects

 - [GET /api/v2.0/products/{productToken}/projects](https://api-docs.mend.io/sca/2.0/entities-product/getprojects.md): Returns a list of the projects and their tokens for a given product

### Create Project

 - [POST /api/v2.0/products/{productToken}/projects](https://api-docs.mend.io/sca/2.0/entities-product/createproject.md): Creates a new project within a given product. If the project already exists it returns the existing project.

## Settings - Whitelist

### Update single Whitelist Rule

 - [PUT /api/v2.0/orgs/{orgToken}/settings/whiteList/{uuid}](https://api-docs.mend.io/sca/2.0/settings-whitelist/updateorgwhitelistsettings.md): Updates the properties of a single whitelist rule of an organization, including matching libraries, their vulnerability scores and the actions to take

### Delete Single Whitelist Rule

 - [DELETE /api/v2.0/orgs/{orgToken}/settings/whiteList/{uuid}](https://api-docs.mend.io/sca/2.0/settings-whitelist/deleteorgwhitelistsettings.md): Deletes one of the whitelist rules of an organization

### Update Whitelist Rules

 - [PUT /api/v2.0/orgs/{orgToken}/settings/whiteList/rules](https://api-docs.mend.io/sca/2.0/settings-whitelist/updatewhitelistrulessettings.md): Updates an organization's whitelist rules for vulnerability scores and the actions to take with libraries that appear in the whitelist

### Add Whitelist Rules

 - [POST /api/v2.0/orgs/{orgToken}/settings/whiteList/rules](https://api-docs.mend.io/sca/2.0/settings-whitelist/addwhitelistrulessettings.md): Creates multiple new whitelist rules for an organization, defining which libraries to match, their vulnerability scores and the actions to take. Whitelisted libraries have been pre-approved by your organization so no policy alerts will be created for them during scans, and they will be ignored by all organizational policies.

### Delete Whitelist Rules

 - [DELETE /api/v2.0/orgs/{orgToken}/settings/whiteList/rules](https://api-docs.mend.io/sca/2.0/settings-whitelist/deletewhitelistrulessettings.md): Deletes all of the whitelist rules of an organization

### Apply Whitelist Rules to Existing Inventory

 - [PUT /api/v2.0/orgs/{orgToken}/settings/whiteList/apply](https://api-docs.mend.io/sca/2.0/settings-whitelist/applywhitelistrules.md): Applies the current whitelist rules to an organization's inventory. Whitelisted libraries are pre-approved by the organization so no policy alerts will be created for them, and they will be ignored by all organizational policies.

### Get All Whitelist Rules

 - [GET /api/v2.0/orgs/{orgToken}/settings/whiteList](https://api-docs.mend.io/sca/2.0/settings-whitelist/getorgwhitelistsettings.md): Retrieves all of the whitelist rules of an organization. Whitelisted libraries are pre-approved by the organization so no policy alerts will be created for them, and they will be ignored by all organizational policies

### Add Single Whitelist Rule

 - [POST /api/v2.0/orgs/{orgToken}/settings/whiteList](https://api-docs.mend.io/sca/2.0/settings-whitelist/addorgwhitelistsettings.md): Creates a new whitelist rule for an organization, defining which libraries to match along, their vulnerability scores and the actions to take. Whitelisted libraries have been pre-approved by your organization so no policy alerts will be created for them during scans, and they will be ignored by all organizational policies.

## Settings - In-House

### Update single InHouse Rule

 - [PUT /api/v2.0/orgs/{orgToken}/settings/inHouse/{ruleUuid}](https://api-docs.mend.io/sca/2.0/settings-in-house/updateinhouserule.md): Updates a single In-House library rule

### Delete Single In-House Rule

 - [DELETE /api/v2.0/orgs/{orgToken}/settings/inHouse/{ruleUuid}](https://api-docs.mend.io/sca/2.0/settings-in-house/deleteinhouserule.md): Deletes a single In-House library rule

### Update Multiple In-House Rules

 - [PUT /api/v2.0/orgs/{orgToken}/settings/inHouse/rules](https://api-docs.mend.io/sca/2.0/settings-in-house/updateallowlistrulessettings.md): Updates the pattern-mat§ching rules of an In-House library rule

### Create Multiple In-House Rules

 - [POST /api/v2.0/orgs/{orgToken}/settings/inHouse/rules](https://api-docs.mend.io/sca/2.0/settings-in-house/addinhouserules.md): Creates one or more in-house library rules

### Delete multiple InhHouse rules

 - [DELETE /api/v2.0/orgs/{orgToken}/settings/inHouse/rules](https://api-docs.mend.io/sca/2.0/settings-in-house/deleteinhouserules.md): Deletes one or more in-house library rules

### Apply In-House Rules

 - [PUT /api/v2.0/orgs/{orgToken}/settings/inHouse/apply](https://api-docs.mend.io/sca/2.0/settings-in-house/applywhitelistrules_1.md): Applies the current In-House library rules to a given organization. Use this request after creating and/or updating In-House rules

### Get In-House Settings

 - [GET /api/v2.0/orgs/{orgToken}/settings/inHouse](https://api-docs.mend.io/sca/2.0/settings-in-house/getorgproprietaryrules.md): Returns a list of all In-House library rules for a given organization

### Create Single In-House Rule

 - [POST /api/v2.0/orgs/{orgToken}/settings/inHouse](https://api-docs.mend.io/sca/2.0/settings-in-house/addproprietaryrule.md): Creates a single In-House rule to match libraries by name or maven coordinates (artifact id, group id) and designate these libraries as known, trusted entities

## Policies - Organization

### Get organization policy

 - [GET /api/v2.0/orgs/{orgToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-organization/getcontextpolicy_2.md): Returns the given policy for a particular organization

### Update Organization Policy

 - [PUT /api/v2.0/orgs/{orgToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-organization/updatepolicy_2.md): Updates a policy of a given organization

### Delete Organization Policy

 - [DELETE /api/v2.0/orgs/{orgToken}/policies/{policyUuid}](https://api-docs.mend.io/sca/2.0/policies-organization/deletepolicy_2.md): Deletes the given policy for an organization

### Update Organization Policy Priorities

 - [PUT /api/v2.0/orgs/{orgToken}/policies/priority](https://api-docs.mend.io/sca/2.0/policies-organization/updatepriorities_2.md): Updates the priority of policies in a given organization. Policies are numbered and then evaluated sequentially. The request body should contain a list of policy UUIDs in the desired order, starting from highest priority. The service returns a list or ordered policies.

### Apply Organization Policies On Inventory

 - [POST /api/v2.0/orgs/{orgToken}/policies/apply](https://api-docs.mend.io/sca/2.0/policies-organization/applyoninventory_2.md): After initiating this call, the process will be performed asynchronously in the background. To check the status of the process and retrieve the final outcome, use the "Get Async Process Status" request.

### Get organization policies

 - [GET /api/v2.0/orgs/{orgToken}/policies](https://api-docs.mend.io/sca/2.0/policies-organization/getcontextpolicies_2.md): Returns all of the policies of a given organization

### Create Organization Policy

 - [POST /api/v2.0/orgs/{orgToken}/policies](https://api-docs.mend.io/sca/2.0/policies-organization/createpolicy_2.md): Creates a new policy for a given organization

## CustomAttribute - Organization

### Set Custom Attribute

 - [PUT /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/customAttributes/{attributeUuid}/value](https://api-docs.mend.io/sca/2.0/customattribute-organization/setcustomattributevalue_2.md): Edits the value of a custom attribute for a specified library, attribute, and context.

### Get Organization Custom Attributes

 - [GET /api/v2.0/orgs/{orgToken}/customAttributes](https://api-docs.mend.io/sca/2.0/customattribute-organization/getcustomattributes.md): Retrieves all custom attributes in the given organization

## User Management - Groups

### Get Group

 - [GET /api/v2.0/orgs/{orgToken}/groups/{groupUuid}](https://api-docs.mend.io/sca/2.0/user-management-groups/getgroup.md): Returns the given group of an organization

### Update Group

 - [PUT /api/v2.0/orgs/{orgToken}/groups/{groupUuid}](https://api-docs.mend.io/sca/2.0/user-management-groups/updategroup.md): Updates the properties of a given group

### Delete Group

 - [DELETE /api/v2.0/orgs/{orgToken}/groups/{groupUuid}](https://api-docs.mend.io/sca/2.0/user-management-groups/deletegroup.md): Deletes the given group

### Get Group Users

 - [GET /api/v2.0/orgs/{orgToken}/groups/{groupUuid}/users](https://api-docs.mend.io/sca/2.0/user-management-groups/getgroupusers.md): Returns a list of users that belong to given group

### Add User To Group

 - [POST /api/v2.0/orgs/{orgToken}/groups/{groupUuid}/users](https://api-docs.mend.io/sca/2.0/user-management-groups/adduserstogroup.md): Adds a user to an organization's group

### Get Group Roles

 - [GET /api/v2.0/orgs/{orgToken}/groups/{groupUuid}/roles](https://api-docs.mend.io/sca/2.0/user-management-groups/getgrouproles.md): Returns the list of roles associated with a given group

### Add Group Role

 - [POST /api/v2.0/orgs/{orgToken}/groups/{groupUuid}/roles](https://api-docs.mend.io/sca/2.0/user-management-groups/addgrouproles.md): Creates a new group role for an organization

### Remove Group Roles

 - [DELETE /api/v2.0/orgs/{orgToken}/groups/{groupUuid}/roles](https://api-docs.mend.io/sca/2.0/user-management-groups/removegrouproles.md): Deletes a role from a group

### Get All Groups of organization

 - [GET /api/v2.0/orgs/{orgToken}/groups](https://api-docs.mend.io/sca/2.0/user-management-groups/getallorganizationgroups.md): Returns a list of all groups within an organization

### Create Group

 - [POST /api/v2.0/orgs/{orgToken}/groups](https://api-docs.mend.io/sca/2.0/user-management-groups/creategroup.md): Creates a new group for an organization

### Delete User From Group

 - [DELETE /api/v2.0/orgs/{orgToken}/groups/{groupUuid}/users/{userUuid}](https://api-docs.mend.io/sca/2.0/user-management-groups/deleteuserfromgroup.md): Deletes a user from an organization's group

## Entities - Organization

### Get Organization

 - [GET /api/v2.0/orgs/{orgToken}](https://api-docs.mend.io/sca/2.0/entities-organization/getentity_2.md): Returns an organization as identified by its token. 

### Rename Organization

 - [PUT /api/v2.0/orgs/{orgToken}](https://api-docs.mend.io/sca/2.0/entities-organization/updatedomain.md): Renames the organization identified by its token

### Get Organization Projects

 - [GET /api/v2.0/orgs/{orgToken}/projects](https://api-docs.mend.io/sca/2.0/entities-organization/getprojects_1.md): Returns a list of all projects accessible to the current user

### Create Project With A New Product

 - [POST /api/v2.0/orgs/{orgToken}/projects](https://api-docs.mend.io/sca/2.0/entities-organization/createproject_1.md): Creates a new project within a new product. If project name exists will return existing project

### Get Organization Products

 - [GET /api/v2.0/orgs/{orgToken}/products](https://api-docs.mend.io/sca/2.0/entities-organization/getproducts.md): Returns a list of all products accessible to the current user

### Create Product

 - [POST /api/v2.0/orgs/{orgToken}/products](https://api-docs.mend.io/sca/2.0/entities-organization/createproduct.md): Creates a new product, If the product already exists it returns the existing product

### Get User Organizations

 - [GET /api/v2.0/orgs](https://api-docs.mend.io/sca/2.0/entities-organization/getuserdomains.md): Returns a list of all organizations where the current user is a member.

### Create Organization

 - [POST /api/v2.0/orgs](https://api-docs.mend.io/sca/2.0/entities-organization/createdomain.md): Creates a new organization

### Get Organization Product Entities

 - [GET /api/v2.0/orgs/{orgToken}/productEntities](https://api-docs.mend.io/sca/2.0/entities-organization/getdomainproductentities.md): Returns extended product information for all products in an organization

### Get Organization Entities

 - [GET /api/v2.0/orgs/{orgToken}/entities](https://api-docs.mend.io/sca/2.0/entities-organization/getdomainentities.md): Returns all projects and their associated product for a given organization.

### Change Organization

 - [GET /api/v2.0/orgs/{orgToken}/changeOrganization/{otherOrgToken}](https://api-docs.mend.io/sca/2.0/entities-organization/changedomain.md): You can access a different organization by asking for a new JWT token for the new org. The previous JWT is still valid for the previous org until it expires. All JWT tokens are valid for 30 minutes.

### Get User Organizations

 - [GET /api/v2.0/orgs](https://api-docs.mend.io/sca/2.0/access-management-organizations/getuserdomains.md): Returns a list of all organizations where the current user is a member.

### Change Organization

 - [GET /api/v2.0/orgs/{orgToken}/changeOrganization/{otherOrgToken}](https://api-docs.mend.io/sca/2.0/access-management-organizations/changedomain.md): You can access a different organization by asking for a new JWT token for the new org. The previous JWT is still valid for the previous org until it expires. All JWT tokens are valid for 30 minutes.

## Access Management - Organizations

### Get User Organizations

 - [GET /api/v2.0/orgs](https://api-docs.mend.io/sca/2.0/entities-organization/getuserdomains.md): Returns a list of all organizations where the current user is a member.

### Change Organization

 - [GET /api/v2.0/orgs/{orgToken}/changeOrganization/{otherOrgToken}](https://api-docs.mend.io/sca/2.0/entities-organization/changedomain.md): You can access a different organization by asking for a new JWT token for the new org. The previous JWT is still valid for the previous org until it expires. All JWT tokens are valid for 30 minutes.

### Get User Organizations

 - [GET /api/v2.0/orgs](https://api-docs.mend.io/sca/2.0/access-management-organizations/getuserdomains.md): Returns a list of all organizations where the current user is a member.

### Change Organization

 - [GET /api/v2.0/orgs/{orgToken}/changeOrganization/{otherOrgToken}](https://api-docs.mend.io/sca/2.0/access-management-organizations/changedomain.md): You can access a different organization by asking for a new JWT token for the new org. The previous JWT is still valid for the previous org until it expires. All JWT tokens are valid for 30 minutes.

## User Profile

### Get All User Keys

 - [GET /api/v2.0/profile/userKeys](https://api-docs.mend.io/sca/2.0/user-profile/getuserkeys.md): Returns a list of existing user-keys for the current user. These keys are included in all API requests to identify the user

### Generate User Key

 - [POST /api/v2.0/profile/userKeys](https://api-docs.mend.io/sca/2.0/user-profile/generateuserkey.md): Generates a user-key for the current user. User-keys are included in all api requests to identify the user

### Delete User Key

 - [DELETE /api/v2.0/profile/userKeys/{userKey}](https://api-docs.mend.io/sca/2.0/user-profile/deleteuserkey.md): Deletes a user-key

## Library - Product

### Get Product Libraries by project Ids

 - [POST /api/v2.0/products/{productToken}/libraries/byProjects](https://api-docs.mend.io/sca/2.0/library-product/getlibrariesbyprojectids.md): Returns all libraries that are included in a given projects

### Get Product Library Vulnerabilities

 - [GET /api/v2.0/products/{productToken}/libraries/{libraryUuid}/vulnerabilities](https://api-docs.mend.io/sca/2.0/library-product/getlibraryvulnerabilities_1.md): Returns a list of the vulnerabilities in the libraries of a given product

### Get Library Projects

 - [GET /api/v2.0/products/{productToken}/libraries/{libraryUuid}/projects](https://api-docs.mend.io/sca/2.0/library-product/getlibraryprojects.md): Returns all of the projects in a particular product that contain a given library 

### Get Product Due Diligence Info

 - [GET /api/v2.0/products/{productToken}/libraries/licenses](https://api-docs.mend.io/sca/2.0/library-product/getduediligenceinfobymultiplecontexts_1.md): Returns a due diligence report listing the source and license information for all libraries in a product

### Get In-House Libraries

 - [GET /api/v2.0/products/{productToken}/libraries/inHouse](https://api-docs.mend.io/sca/2.0/library-product/getproprietarylibraries_1.md): Returns all libraries in a given product that have been designated as "In-House". They will not trigger any alerts or be included in license analysis. so that they will not trigger any alerts or be included in license analysis.

### Get Product Libraries

 - [GET /api/v2.0/products/{productToken}/libraries](https://api-docs.mend.io/sca/2.0/library-product/getlibraries_1.md): Returns all libraries that are included in a given product

## User Management - Users

### Regenerate Service User Key

 - [POST /api/v2.0/orgs/{orgToken}/users/service/{userUuid}/regenerateUserKey](https://api-docs.mend.io/sca/2.0/user-management-users/regenerateserviceuserkey.md): Removes current service user's key and creates a new one

### Create Service User

 - [POST /api/v2.0/orgs/{orgToken}/users/service](https://api-docs.mend.io/sca/2.0/user-management-users/createserviceuser.md): Creates a new service user

### Create Scan summary receiver User

 - [POST /api/v2.0/orgs/{orgToken}/users/scan-summary-receiver-user](https://api-docs.mend.io/sca/2.0/user-management-users/createscansummaryreceiveruser.md): Creates a new scan summary receiver user 

### Invite User

 - [POST /api/v2.0/orgs/{orgToken}/users/invite](https://api-docs.mend.io/sca/2.0/user-management-users/inviteuser.md): Sends an email invitation to others to join an organization

### Get Enriched Organization Users

 - [POST /api/v2.0/orgs/{orgToken}/users/info](https://api-docs.mend.io/sca/2.0/user-management-users/getenricheduserinfo.md): Returns detailed information about an organization's users

### Get Organization Users

 - [GET /api/v2.0/orgs/{orgToken}/users](https://api-docs.mend.io/sca/2.0/user-management-users/getuserspaginated.md): Returns a list of all users in an organization (paginated)

### Create User

 - [POST /api/v2.0/orgs/{orgToken}/users](https://api-docs.mend.io/sca/2.0/user-management-users/createuser.md): Creates a new user

### Get Service User Key

 - [GET /api/v2.0/orgs/{orgToken}/users/service/{userUuid}/userKey](https://api-docs.mend.io/sca/2.0/user-management-users/getserviceuserskey.md): Returns service user's key

### Get self information of groups and roles

 - [GET /api/v2.0/orgs/{orgToken}/users/self](https://api-docs.mend.io/sca/2.0/user-management-users/getselfuserinfo.md): Returns information about the currently logged-in user, including group membership and roles

### Remove User From Organization

 - [DELETE /api/v2.0/orgs/{orgToken}/users/{userUuid}](https://api-docs.mend.io/sca/2.0/user-management-users/removeuser.md): Deletes a user from an organization

## Update Request

### Upload Update Request

 - [POST /api/v2.0/orgs/{orgToken}/updateRequest](https://api-docs.mend.io/sca/2.0/update-request/uploadupdaterequest.md): Uploads information about a project's files, packages and dependencies, to be checked against Mend’s open source index, with the results viewable in the web app.

## Library - Organization

### Get Library Notices

 - [GET /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/notices](https://api-docs.mend.io/sca/2.0/library-organization/getlibrarynotices.md): Returns the text of a library's notice

### Set Library Notice

 - [POST /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/notices](https://api-docs.mend.io/sca/2.0/library-organization/setlibrarynotice.md): Edits or adds a custom notice for a given library

### Assign Library License

 - [POST /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/licenses](https://api-docs.mend.io/sca/2.0/library-organization/addlicensereference.md): Adds a license reference to a given library

### Set Library Copyright

 - [POST /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/copyrights](https://api-docs.mend.io/sca/2.0/library-organization/setlibrarycopyright.md): Edits or adds a copyright statement for a given library

### Revert Library User Copyrights

 - [DELETE /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/copyrights](https://api-docs.mend.io/sca/2.0/library-organization/revertlibrarycopyright.md): Reverts the copyright statement for a given library to its original text

### Get Organization In-House Libraries

 - [GET /api/v2.0/orgs/{orgToken}/libraries/inHouse](https://api-docs.mend.io/sca/2.0/library-organization/getproprietarylibraries_2.md): Retrieves all libraries in an organization that have been marked as In-House

### Mark/Unmark Library As In-House

 - [POST /api/v2.0/orgs/{orgToken}/libraries/inHouse](https://api-docs.mend.io/sca/2.0/library-organization/proprietary.md): Marks/unmarks a single library in an organization as In-House

### Get Library Version Vulnerability Trends

 - [GET /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/vulnerabilityTrends](https://api-docs.mend.io/sca/2.0/library-organization/getlibrarytrends.md): Returns the trend of the number of vulnerabilities in a library over past versions.
Define the scope of the trend with the parameters 'before' denoting the number of versions before the current version, and 'after'.
Does not support generic library types like Debian, RPM and Ruby

### Get Library Versions

 - [GET /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/versions](https://api-docs.mend.io/sca/2.0/library-organization/getlibraryversions.md): Returns a list of a library's versions

### Get Library Projects In Organization

 - [GET /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/projects](https://api-docs.mend.io/sca/2.0/library-organization/getlibraryprojects_1.md): Returns a list of an organization's projects that contain a particular library

### Get Library Details

 - [GET /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}](https://api-docs.mend.io/sca/2.0/library-organization/getlibrarybyuuid.md): Returns a single library's details

### Remove Library License References

 - [DELETE /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/licenses/{licenseUuid}](https://api-docs.mend.io/sca/2.0/library-organization/removelicensereference.md): Removes the license reference from a library

### Revert Library User Licenses

 - [DELETE /api/v2.0/orgs/{orgToken}/libraries/{libraryUuid}/licenses/revert](https://api-docs.mend.io/sca/2.0/library-organization/revertlicensereferences.md): Reverts the license for a given library to its original state

## Access Management

### Refresh Access Token

 - [POST /api/v2.0/login/accessToken](https://api-docs.mend.io/sca/2.0/access-management/refreshaccesstoken.md): Generate a new access token using the provided refresh token.

### Login

 - [POST /api/v2.0/login](https://api-docs.mend.io/sca/2.0/access-management/login.md): Sign in a user with email and user key, returning a JWT token which is valid for 30 minutes.
If you omit the organization, it defaults to the last one you signed in to. 

## General Info - Vulnerabilities

### Get Vulnerability Remediation Proposals

 - [GET /api/v2.0/vulnerabilities/{vulnerabilityId}/remediation](https://api-docs.mend.io/sca/2.0/general-info-vulnerabilities/getvulnerabilityremediationproposals.md): Returns the recommended remediation actions to take for a given vulnerability

### Get Vulnerability Profile

 - [GET /api/v2.0/vulnerabilities/{vulnerabilityId}](https://api-docs.mend.io/sca/2.0/general-info-vulnerabilities/getvulnerabilityprofile.md): Returns a complete vulnerability profile of a given CVE-ID

## Library - Source Files

### Get project source files inventory

 - [GET /api/v2.0/projects/{projectToken}/sourceFiles/inventory](https://api-docs.mend.io/sca/2.0/library-source-files/getsourcefiles.md): Returns an inventory list of the source files associated with each library in a project

### Get product source files inventory

 - [GET /api/v2.0/products/{productToken}/sourceFiles/inventory](https://api-docs.mend.io/sca/2.0/library-source-files/getsourcefiles_1.md): Returns a list of libraries together with the location of their source files

## User Management - Roles And Permissions

### Get User Project Permissions

 - [GET /api/v2.0/projects/{projectToken}/permissions](https://api-docs.mend.io/sca/2.0/user-management-roles-and-permissions/getuserpermissions.md): Returns the actions permitted actions to the current user in a given project

### Get User Product Permissions

 - [GET /api/v2.0/products/{productToken}/permissions](https://api-docs.mend.io/sca/2.0/user-management-roles-and-permissions/getuserpermissions_1.md): This api returns the list of permitted actions for the logged-in user and the a given product

### Get User Organization Permissions

 - [GET /api/v2.0/orgs/{orgToken}/permissions](https://api-docs.mend.io/sca/2.0/user-management-roles-and-permissions/getuserpermissions_2.md): This api returns the listed of permitted actions for the logged-in user and the given organization

## Library - Project

### Get Project Library Vulnerabilities

 - [GET /api/v2.0/projects/{projectToken}/libraries/{libraryUuid}/vulnerabilities](https://api-docs.mend.io/sca/2.0/library-project/getlibraryvulnerabilities.md): Returns a list of the vulnerabilities in the libraries of a given project

### Get Project Library Impact

 - [GET /api/v2.0/projects/{projectToken}/libraries/{libraryUuid}/paths](https://api-docs.mend.io/sca/2.0/library-project/getlibraryimpact.md): Returns the dependency paths of a given library in a particular project. 

### Get Project Due Diligence Info

 - [GET /api/v2.0/projects/{projectToken}/libraries/licenses](https://api-docs.mend.io/sca/2.0/library-project/getduediligenceinfobymultiplecontexts.md): Returns a due diligence report listing the source and license information for all libraries in a project

### Get In-House Libraries

 - [GET /api/v2.0/projects/{projectToken}/libraries/inHouse](https://api-docs.mend.io/sca/2.0/library-project/getproprietarylibraries.md): Returns all libraries in a given project that have been designated as "In-House". They will not trigger any alerts or be included in license analysis.

### Get Project Libraries

 - [GET /api/v2.0/projects/{projectToken}/libraries](https://api-docs.mend.io/sca/2.0/library-project/getlibraries.md): Returns the set of libraries used by a particular project

## Alerts - Product

### Get Security Alerts By Library

 - [GET /api/v2.0/products/{productToken}/alerts/security/groupBy/component](https://api-docs.mend.io/sca/2.0/alerts-product/getlibrarysecurityvulnerabilityalerts_1.md): Returns security alerts for a given product grouped by library

### Get Product Security Alerts

 - [GET /api/v2.0/products/{productToken}/alerts/security](https://api-docs.mend.io/sca/2.0/alerts-product/getsecurityvulnerabilityalerts_1.md): Returns all security alerts for a given product

### Get Product Legal And Compliance Alerts

 - [GET /api/v2.0/products/{productToken}/alerts/legal](https://api-docs.mend.io/sca/2.0/alerts-product/getlegalandcompliancealerts_1.md): Returns all legal and compliance alerts for a given product

## General Info - Permissions

### Get All Available Permissions Grouped By Roles

 - [GET /api/v2.0/permissions/byRole](https://api-docs.mend.io/sca/2.0/general-info-permissions/getavailablerolepermissions.md): Returns a list of the current user's permissions grouped by roles

## Vulnerable Libraries

### Get Vulnerable Libraries By CVE

 - [GET /api/v2.0/orgs/{orgToken}/vulnerabilities/{vulnerabilityName}/libraries](https://api-docs.mend.io/sca/2.0/vulnerable-libraries/getvulnerablelibrariesbycve.md): Returns all of the vulnerable libraries in an organization ordered by their associated CVE-ID

## Summary - Organization

### Get Organization Scan Count Per Agent.

 - [GET /api/v2.0/orgs/{orgToken}/summary/scanCountPerAgent](https://api-docs.mend.io/sca/2.0/summary-organization/getscancountperagent.md): Returns the total number of scans in selected period and a breakdown per agent.
The selected period cannot have start date older 30 days before the current date. Also selected period cannot be greater than 30 days


### Get Organization Vulnerable Libraries Count By Projects

 - [GET /api/v2.0/orgs/{orgToken}/summary/projects/vulnerableLibraryCount](https://api-docs.mend.io/sca/2.0/summary-organization/getvulnerablelibscountbyprojects.md): Returns vulnerable libraries count by projects for a given organization.

### Get Organization Libraries Count By Projects.

 - [GET /api/v2.0/orgs/{orgToken}/summary/projects/totalLibraryCount](https://api-docs.mend.io/sca/2.0/summary-organization/getlibscountbyprojects.md): Returns the total number of libraries (non-unique) for a given organization with a breakdown per project

### Get Organization In-House Libraries Count By Projects.

 - [GET /api/v2.0/orgs/{orgToken}/summary/projects/inHouseLibraries](https://api-docs.mend.io/sca/2.0/summary-organization/getinhouselibrariesbyprojects.md): Returns the total number of in house libraries (non-unique) for a given organization with a breakdown per project.

### Get Organization Vulnerable Libraries Count By Products

 - [GET /api/v2.0/orgs/{orgToken}/summary/products/vulnerableLibraryCount](https://api-docs.mend.io/sca/2.0/summary-organization/getvulnerablelibscountbyproducts.md): Returns vulnerable libraries count by products for a given organization.

### Get Organization Libraries Count By Products.

 - [GET /api/v2.0/orgs/{orgToken}/summary/products/totalLibraryCount](https://api-docs.mend.io/sca/2.0/summary-organization/getlibscountbyproducts.md): Returns the total number of libraries (non-unique) for a given organization with a breakdown per product

### Get Organization In-House Libraries Count By Products.

 - [GET /api/v2.0/orgs/{orgToken}/summary/products/inHouseLibraries](https://api-docs.mend.io/sca/2.0/summary-organization/getinhouselibrariesbyproducts.md): Returns the total number of in house libraries (non-unique) for a given organization with a breakdown per product.

### Get Libraries Count Per License

 - [GET /api/v2.0/orgs/{orgToken}/summary/libraryCountPerLicense](https://api-docs.mend.io/sca/2.0/summary-organization/getlibrarycountperlicense.md): Returns the total number of libraries for a given organization, along with a breakdown of the number of libraries per license.

### Get Libraries Count By Language

 - [GET /api/v2.0/orgs/{orgToken}/summary/libraryCountPerLanguage](https://api-docs.mend.io/sca/2.0/summary-organization/getlibrarycountperlanguage.md): Returns the number of libraries with a breakdown per Language. The library count should be for all occurrences (nonunique) and only open source.

### Get Vulnerability Alerts Count Per Effective Usage Status.

 - [GET /api/v2.0/orgs/{orgToken}/summary/effective/vulnerabilityCountPerSeverity](https://api-docs.mend.io/sca/2.0/summary-organization/getdomainvulnerabilityalertcountpereffectiveusage.md): Vulnerability alert count per effective usage status.

### Get Organization Alert Type Summaries

 - [GET /api/v2.0/orgs/{orgToken}/summary/alertTypes](https://api-docs.mend.io/sca/2.0/summary-organization/getorganizationalerttypesummaries.md): Returns the alerts count per type for a given organization.

### Get Organization Alert Count Per Severity

 - [GET /api/v2.0/orgs/{orgToken}/summary/alertCountPerSeverity](https://api-docs.mend.io/sca/2.0/summary-organization/getorganizationalertcountperseverity.md): Returns the active alerts count per severity for a given organization.

## Asynchronous Process Control

### Get Async Process Status

 - [GET /api/v2.0/orgs/{orgToken}/asyncProcessStatus/{statusUuid}](https://api-docs.mend.io/sca/2.0/asynchronous-process-control/getreportstatus.md):  Returns the status of an asynchronous process. Asynchronous processes allow requests to be performed in
 the background, enabling you to initiate tasks and check their completion status later.

 
+ Post Apply OrganizationPolicies On Inventory.
+ Post Apply Product Policies On Inventory.
+ Post Apply Project Policies On Inventory.

## domain-controller

### Get User Managed Domains

 - [GET /api/v2.0/orgs/managed-domains](https://api-docs.mend.io/sca/2.0/domain-controller/getusermanageddomains.md): Returns a list of all organizations where the current user is a domain or application admin.

## General Info - Licenses

### Get License Details

 - [GET /api/v2.0/licenses/{licenseName}](https://api-docs.mend.io/sca/2.0/general-info-licenses/getlicensedetails.md): Returns detailed information about a specific license

### Get All Licenses

 - [GET /api/v2.0/licenses](https://api-docs.mend.io/sca/2.0/general-info-licenses/getalllicenses.md): Returns a list of all known licenses in the system.

## product-attribution-report-controller

### Delete attribution report library settings

 - [DELETE /api/v2.0/products/{productIdentifier}/librarySettings/attributionReport](https://api-docs.mend.io/sca/2.0/product-attribution-report-controller/deleteattributionreportlibrarysettings.md): Delete library settings to be reflected in the attribution report