Skip to content

Mend API (3.0.1)

Mend's enhanced SCA API enables automation of workflows in a REST compliant format. The API features:

  • Access for any user with Mend credentials, via a user key available in the user's profile page in the Mend App.
  • Improved security with a JWT token per organization, which expires every 30 minutes.
  • Added scalability with support for pagination, filtering and sorting search results.
  • Broader functionality available programmatically.
  • New standard API documentation for easy navigation and search.

If you have a dedicated instance of Mend, contact your Mend representative to access this API on your instance.

Download OpenAPI description
Languages
Servers
Generated server url

https://api-saas.mend.io/

Operations
Operations
Operations
Operations

project-attribution-report-controller

Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations
Operations

User Management - Roles And Permissions

Operations
Operations
Operations
Operations
Operations
Operations

Get Organization Scan Count Per Agent.

Request

Returns the total number of scans in selected period and a breakdown per agent. The selected period cannot have start date older 30 days before the current date. Also selected period cannot be greater than 30 days

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
searchany

Filter your search to return items whose property has a specific value. Use the syntax: property:operation:value where a colon (:) separates between property, operation and value.

  • Property: the name of the property of the item
  • Operation:
    • between - true if the value is inside a range. Syntax: lowest value comma (,) highest value. E.g. between:2019-05-01,2019-06-01
  • Value: the value of the property.

This endpoint supports filtering on this property:

  • date:between:date1,date2. E.g. between:2019-05-10,2019-06-01. Difference between dates cannot be greater than 30 days
No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(ScanSummaryCountDTO)
Response
application/json
{ "supportToken": "1171c60d", "retVal": { "totalCount": 20, "agents": [] } }

Get Organization Vulnerable Libraries Count By Projects

Request

Returns vulnerable libraries count by projects for a given organization.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
searchany

Filter your search to return items whose property has a specific value. Use the syntax: property:operation:value where a colon (:) separates between property, operation and value.

  • Property: the name of the property of the item
  • Operation:
    • equals - true if the value is identical to this value.
    • like - true if the property's value is contained within this value
    • regex - true if this regular expression resolves as true. The regex is not case sensitive, and special characters must be escaped with a backslash. Special characters include space, double quote ("), '<', '>', '#', '%', '{', '}', vertical bar ('|'), backslash, '^'. To pass an escaped character in a URL in Postman, encode it first. E.g. to return all items whose value begins with a or A, use regex:^a
  • Value: the value of the property.

To combine multiple filters, separate each filter with a semicolon with no space. E.g. property1:operation1:value1;property2:operation2:value2

This endpoint supports filtering on the following properties and its supported operators:

  • vulnerabilityId:[equals]:value
  • productName:[like | equals | regex]:value
  • projectName:[like | equals | regex]:value
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
  • isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
Example: {"totalItems":"422","isLastPage":"true"}
supportTokenstring(Support Token)
Example: "1171c60d"
retValArray of objects(VulnrerableLibrariesByProjectCountDTO)
Response
application/json
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ {} ] }

Get Organization Libraries Count By Projects.

Request

Returns the total number of libraries (non-unique) for a given organization with a breakdown per project

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
  • isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
Example: {"totalItems":"422","isLastPage":"true"}
supportTokenstring(Support Token)
Example: "1171c60d"
retValArray of objects(LibraryCountByProjectDTO)
Response
application/json
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ {} ] }

Get Organization In-House Libraries Count By Projects.

Request

Returns the total number of in house libraries (non-unique) for a given organization with a breakdown per project.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
  • isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
Example: {"totalItems":"422","isLastPage":"true"}
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(DomainSummeryInHouseLibraryPerProjectDTO)
Response
application/json
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": { "totalOrganizationCount": 34, "projects": [] } }

Get Organization Vulnerable Libraries Count By Products

Request

Returns vulnerable libraries count by products for a given organization.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
searchany

Filter your search to return items whose property has a specific value. Use the syntax: property:operation:value where a colon (:) separates between property, operation and value.

  • Property: the name of the property of the item
  • Operation:
    • equals - true if the value is identical to this value.
    • like - true if the property's value is contained within this value
    • regex - true if this regular expression resolves as true. The regex is not case sensitive, and special characters must be escaped with a backslash. Special characters include space, double quote ("), '<', '>', '#', '%', '{', '}', vertical bar ('|'), backslash, '^'. To pass an escaped character in a URL in Postman, encode it first. E.g. to return all items whose value begins with a or A, use regex:^a
  • Value: the value of the property.

To combine multiple filters, separate each filter with a semicolon with no space. E.g. property1:operation1:value1;property2:operation2:value2

This endpoint supports filtering on the following properties and its supported operators:

  • vulnerabilityId:[equals]:value
  • productName:[like | equals | regex]:value
  • projectName:[like | equals | regex]:value
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
  • isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
Example: {"totalItems":"422","isLastPage":"true"}
supportTokenstring(Support Token)
Example: "1171c60d"
retValArray of objects(VulnerableLibrariesCountDTO)
Response
application/json
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ {} ] }

Get Organization Libraries Count By Products.

Request

Returns the total number of libraries (non-unique) for a given organization with a breakdown per product

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
  • isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
Example: {"totalItems":"422","isLastPage":"true"}
supportTokenstring(Support Token)
Example: "1171c60d"
retValArray of objects(LibraryCountByProductDTO)
Response
application/json
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": [ {} ] }

Get Organization In-House Libraries Count By Products.

Request

Returns the total number of in house libraries (non-unique) for a given organization with a breakdown per product.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
No request payload

Responses

OK

Bodyapplication/json
additionalDataobject(Provides insights into endpoint-supported pagination information.)
  • totalItems: The total count of data points returned in an API response.
  • isLastPage: Defines whether the current page represents the conclusion of the API response. When “true”, this signifies you are viewing the last page of the API response. When “false”, this indicates there are further pages remaining.
Example: {"totalItems":"422","isLastPage":"true"}
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(DomainSummaryInHouseLibraryPerProductDTO)
Response
application/json
{ "additionalData": { "totalItems": "422", "isLastPage": "true" }, "supportToken": "1171c60d", "retVal": { "totalOrganizationCount": 34, "products": [] } }

Request

Returns the total number of libraries for a given organization, along with a breakdown of the number of libraries per license.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
pageSizestring<= 10000

Enter the number of items to return in each page of the result.

Default "50"
pagestring

Enter the page number to display in the result. Page numbers start at 0

Default "0"
No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(LicenseCountDto)
Response
application/json
{ "supportToken": "1171c60d", "retVal": { "totalLibraryCount": 0, "licenses": [] } }

Request

Returns the number of libraries with a breakdown per Language. The library count should be for all occurrences (nonunique) and only open source.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(LibraryLanguageCountDto)
Response
application/json
{ "supportToken": "1171c60d", "retVal": { "languages": [] } }

Get Vulnerability Alerts Count Per Effective Usage Status.

Request

Vulnerability alert count per effective usage status.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
cvss4boolean
No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(VulnerabilityAlertCountPerEffectiveUsageDTO)
Response
application/json
{ "supportToken": "1171c60d", "retVal": { "red": {}, "yellow": {}, "green": {}, "grey": {} } }

Get Organization Alert Type Summaries

Request

Returns the alerts count per type for a given organization.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
cvss4boolean
No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(DomainAlertTypeSummaryDTO)
Response
application/json
{ "supportToken": "1171c60d", "retVal": { "policies": {}, "libraries": {}, "securityPerLibrary": {}, "securityPerVulnerability": {} } }

Get Organization Alert Count Per Severity

Request

Returns the active alerts count per severity for a given organization.

Security
bearer-key
Path
orgTokenstringrequired

org UUID (by running Entities - Organization > Get User Organizations) or API Key (from the Mend SCA App: Integrate tab > API Key).

Query
cvss4boolean
No request payload

Responses

OK

Bodyapplication/json
supportTokenstring(Support Token)
Example: "1171c60d"
retValobject(SecurityAlertPerVulnerabilityDTO)
Response
application/json
{ "supportToken": "1171c60d", "retVal": { "total": 15, "critical": 5, "high": 4, "medium": 3, "low": 3 } }
Operations
Operations
Operations

product-attribution-report-controller

Operations