Changes a given security alert's status and comments
Mend SCA API (2.0)
Mend's enhanced SCA API enables automation of workflows in a REST compliant format. The API features:
- Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend App.
- Improved security with a JWT token per organization, which expires every 30 minutes.
- Added scalability with support for pagination, filtering and sorting search results.
- Broader functionality available programmatically.
- New standard API documentation for easy navigation and search.
If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.
project UUID (by running Entities - Product > Get Product Projects) or Project Token (from the Mend SCA App: Integrate tab > Project Token).
- Generated server urlhttps://api-saas.mend.io/api/v2.0/projects/{projectToken}/alerts/security/{alertUuid} 
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
{ "status": "ACTIVE", "comment": "This alert is not important" }
project UUID (by running Entities - Product > Get Product Projects) or Project Token (from the Mend SCA App: Integrate tab > Project Token).
- Generated server urlhttps://api-saas.mend.io/api/v2.0/projects/{projectToken}/alerts/security/library/{libraryUuid} 
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
{ "status": "ACTIVE", "comment": "This alert is not important" }
{ "supportToken": "1171c60d", "retVal": true }
org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).
- Generated server urlhttps://api-saas.mend.io/api/v2.0/projects/{projectToken}/alerts/legal/{alertUuid} 
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
{ "status": "ACTIVE", "comment": "This alert is not important" }
Filter your search to return items whose property has a specific value. Use the syntax: property:operation:value where a colon (:) separates between property, operation and value.
- Property: the name of the property of the item
- Operation:- between - true if the value is inside a range. Syntax: lowest value comma (,) highest value. E.g. between:2019-05-01,2019-06-01
- equals - true if the value is identical to this value.
- gt - true if the value is greater than this value.
- in - true if the value is identical to one of the items in this comma-separated list. E.g. in:value1,value2,value3
- like - true if the property's value is contained within this value
- regex - true if this regular expression resolves as true. The regex is not case sensitive, and special characters must be escaped with a backslash. Special characters can be space, double quote ("), '<', '>', '#', '%', '{', '}', vertical bar ('|'), backslash, '^'. To pass an escaped character in a URL in Postman, encode it first. E.g. to return all items whose value begins with a or A, use regex:^a
 
- Value: the value of the property.
To combine multiple filters, separate each filter with a semicolon with no space. E.g. property1:operation1:value1;property2:operation2:value2
This endpoint supports filtering on the following properties and its supported operators:
- comment:[like | equals | regex]:value
- commentBy:[like | equals | regex]:value
- componentName:[like | equals | regex]:value
- criticalNum:gt:value
- detectedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- directDependency:equals:value
- effective:[like | in | equals | regex]:value
- hasFix:equals:value
- highNum:gt:value
- lastCveUpdatedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- lowNum:gt:value
- mediumNum:gt:value
- modifiedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- projectName:[like | equals | regex]:value
- publishedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- score:between:lowvalue,highvalue
- scoreType:[like | equals | regex]:value
- severity:[like | equals | regex]:value
- sourceFileName:[like | equals | regex]:value
- status:[in | equals]:value
- vulnerabilityName:[like | equals | regex]:value
- vulnerabilityType:[equals | in]:value
Sort search results alphabetically on an item's property by entering sort= followed by the property name. E.g. enter sort=email to sort alphabetically by their email addresses from a-z ascending.To sort in descending order (z-a), add a minus sign ('-'). E.g. sort=-email.
You can sort by the following properties:
- comment
- commentUserName
- componentName
- detectedAt
- directDependency
- effective
- highNum
- lastCveUpdatedAt
- lowNum
- mediumNum
- modifiedAt
- projectName
- publishedAt
- score
- scoreType
- severity
- status
- vulnerabilityName
- vulnerabilityType
- weight
- Generated server urlhttps://api-saas.mend.io/api/v2.0/projects/{projectToken}/alerts/security/groupBy/component 
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payloadOK
- totalItems: The total count of data points returned in an API response.
- isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ { … } ] }
Filter your search to return items whose property has a specific value. Use the syntax: property:operation:value where a colon (:) separates between property, operation and value.
- Property: the name of the property of the item
- Operation:- between - true if the value is inside a range. Syntax: lowest value comma (,) highest value. E.g. between:2019-05-01,2019-06-01
- equals - true if the value is identical to this value.
- gt - true if the value is greater than this value.
- in - true if the value is identical to one of the items in this comma-separated list. E.g. in:value1,value2,value3
- like - true if the property's value is contained within this value
- regex - true if this regular expression resolves as true. The regex is not case sensitive, and special characters must be escaped with a backslash. Special characters include space, double quote ("), '<', '>', '#', '%', '{', '}', vertical bar ('|'), backslash, '^'. To pass an escaped character in a URL in Postman, encode it first. E.g. to return all items whose value begins with a or A, use regex:^a
 
- Value: the value of the property.
To combine multiple filters, separate each filter with a semicolon with no space. E.g. property1:operation1:value1;property2:operation2:value2
This endpoint supports filtering on the following properties and its supported operators:
- comment:[like | equals | regex]:value
- commentUserEmail:[like | equals | regex]:value
- componentName:[like | equals | regex]:value
- detectedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- directDependency:equals:value
- effective:[like | equals | regex | in]:value
- hasFix:equals:value
- lastCveUpdatedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- modifiedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- projectName:[like | equals | regex]:value
- score:between:lowvalue,highvalue
- scoreType:[like | equals | regex]:value
- severity:[like | equals | regex]:value
- sourceFileName:[like | equals | regex]:value
- status:[in | equals]:value
- vulnerabilityName:[like | equals | regex]:value
- vulnerabilityType:[equals | in]:value
- libraryType:[equals | in | like | regex]:value
Sort search results alphabetically on an item's property by entering sort= followed by the property name. E.g. enter sort=email to sort alphabetically by their email addresses from a-z ascending.To sort in descending order (z-a), add a minus sign ('-'). E.g. sort=-email.
You can sort by the following properties:
- comment
- commentUserEmail
- componentName
- detectedAt
- directDependency
- effective
- hasFix
- lastCveUpdatedAt
- modifiedAt
- projectName
- score
- scoreType
- severity
- sourceFileName
- status
- vulnerabilityName
- vulnerabilityType
- libraryType
- Generated server urlhttps://api-saas.mend.io/api/v2.0/projects/{projectToken}/alerts/security 
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payloadOK
- totalItems: The total count of data points returned in an API response.
- isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ { … } ] }
Filter your search to return items whose property has a specific value. Use the syntax: property:operation:value where a colon (:) separates between property, operation and value.
- Property: the name of the property of the item
- Operation:- between - true if the value is inside a range. Syntax: lowest value comma (,) highest value. E.g. between:2019-05-01,2019-06-01
- equals - true if the value is identical to this value.
- gt - true if the value is greater than this value.
- in - true if the value is identical to one of the items in this comma-separated list. E.g. in:value1,value2,value3
- like - true if the property's value is contained within this value
- regex - true if this regular expression resolves as true. The regex is not case sensitive, and special characters must be escaped with a backslash. Special characters include space, double quote ("), '<', '>', '#', '%', '{', '}', vertical bar ('|'), backslash, '^'. To pass an escaped character in a URL in Postman, encode it first. E.g. to return all items whose value begins with a or A, use regex:^a
 
- Value: the value of the property.
To combine multiple filters, separate each filter with a semicolon with no space. E.g. property1:operation1:value1;property2:operation2:value2
This endpoint supports filtering on the following properties and its supported operators:
- availableVersion:equals:value
- availableVersionType:[equals | in]:value
- comment:[like | equals | regex]:value
- commentUserEmail:[like | equals | regex]:value
- componentName:[like | equals | regex]:value
- componentType:[equals | in]:value
- detectedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- license:[like | regex ]:value
- modifiedAt:between:date1,date2. E.g. between:2019-05-01,2019-06-01
- numberOfLicenses:[gt | equals]:value
- policyName:[like | equals | regex]:value
- projectName:[like | equals | regex]:value
- status:[in | equals]:value
- type:[equals | in]:value
Sort search results alphabetically on an item's property by entering sort= followed by the property name. E.g. enter sort=email to sort alphabetically by their email addresses from a-z ascending.To sort in descending order (z-a), add a minus sign ('-'). E.g. sort=-email.
You can sort by the following properties:
- availableVersionType
- comment
- componentName
- componentType
- detectedAt
- modifiedAt
- numberOfLicenses
- policyName
- status
- type
- versionType
- Generated server urlhttps://api-saas.mend.io/api/v2.0/projects/{projectToken}/alerts/legal 
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payloadOK
- totalItems: The total count of data points returned in an API response.
- isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ { … } ] }