Mend API (2.0)
Mend's enhanced SCA API enables automation of workflows in a REST compliant format. The API features:
- Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend App.
- Improved security with a JWT token per organization, which expires every 30 minutes.
- Added scalability with support for pagination, filtering and sorting search results.
- Broader functionality available programmatically.
- New standard API documentation for easy navigation and search.
If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.
org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList/{uuid}
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
{ "regex": "*aa*", "description": "description for white list" }
{ "supportToken": "1171c60d", "retVal": { "uuid": "123e4567-e89b-12d3-a456-426655440000", "regexType": "BY_NAME", "regex": "*aa*", "createdBy": "string", "createdAt": "2019-08-24T14:15:22Z", "description": "Sample description" } }
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList/{uuid}
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payload
{ "supportToken": "1171c60d", "retVal": { "message": "Success!" } }
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList/rules
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
[ { "uuid": "123e4567-e89b-12d3-a456-426655440000", "regex": "*aa*", "description": "description for white list" } ]
{ "supportToken": "1171c60d", "retVal": { "message": "Success!" } }
Request
Creates multiple new whitelist rules for an organization, defining which libraries to match, their vulnerability scores and the actions to take. Whitelisted libraries have been pre-approved by your organization so no policy alerts will be created for them during scans, and they will be ignored by all organizational policies.
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList/rules
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
{ "rules": [ { … } ] }
{ "supportToken": "1171c60d", "retVal": [ { … } ] }
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList/rules
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
[ { "uuid": "123e4567-e89b-12d3-a456-426655440000" } ]
{ "supportToken": "1171c60d", "retVal": { "message": "Success!" } }
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList/apply
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payload
{ "supportToken": "1171c60d", "retVal": { "message": "Success!" } }
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
No request payload
OK
- totalItems: The total count of data points returned in an API response.
- isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ { … } ] }
Request
Creates a new whitelist rule for an organization, defining which libraries to match along, their vulnerability scores and the actions to take. Whitelisted libraries have been pre-approved by your organization so no policy alerts will be created for them during scans, and they will be ignored by all organizational policies.
- Generated server url
https://api-saas.mend.io/api/v2.0/orgs/{orgToken}/settings/whiteList
- Payload
- cURL
- JS
- Go
- Ruby
- Java 8
{ "regex": "*aa*", "description": "description for white list" }
{ "supportToken": "1171c60d", "retVal": { "uuid": "123e4567-e89b-12d3-a456-426655440000", "regexType": "BY_NAME", "regex": "*aa*", "createdBy": "string", "createdAt": "2019-08-24T14:15:22Z", "description": "Sample description" } }