@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api Snyk API @base https://api.snyk.io/rest @version REST @auth ApiKey Authorization in header | Bearer bearer @common_fields {version: str # The requested version of the endpoint to process the request} @endpoints 250 @hint download_for_search @toc custom_base_images(5), groups(54), learn(1), openapi(2), orgs(126), self(10), tenants(52) @group custom_base_images @endpoint GET /custom_base_images @desc Get a custom base image collection @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, project_id: str(uuid) # The ID of the container project that the custom base image is based off of., org_id: str(uuid) # The organization ID of the custom base image, group_id: str(uuid) # The group ID of the custom base image, repository: str # The image repository, tag: str # The image tag, include_in_recommendations: bool # Whether this image should be recommended as a base image upgrade, sort_by: str(repository/tag/version) # Which column to sort by. If sorting by version, the versioning schema is used., sort_direction: str(ASC/DESC)=ASC # Which direction to sort} @returns(200) Returns custom base images @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /custom_base_images @desc Create a Custom Base Image from an existing container project @returns(201) Successfully created a custom base image @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /custom_base_images/{custombaseimage_id} @desc Delete a custom base image @required {custombaseimage_id: str(uuid) # Unique identifier for custom base image} @returns(204) Successfully deleted the custom base image @errors {401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /custom_base_images/{custombaseimage_id} @desc Get a custom base image @required {custombaseimage_id: str(uuid) # Unique identifier for custom base image} @returns(200) Returns a custom base image @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /custom_base_images/{custombaseimage_id} @desc Update a custom base image @required {custombaseimage_id: str(uuid) # Unique identifier for custom base image} @returns(200) Returns the updated custom base image @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @group groups @endpoint GET /groups @desc Get all groups (Early Access) @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of groups is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id} @desc Get Group (Early Access) @required {group_id: str(uuid) # Unique identifier of the group.} @returns(200) Returns an instance of a Group @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/apps/installs @desc Get a list of Snyk Apps installed for a Group @required {group_id: str(uuid) # Group ID} @optional {expand: [str] # Expand relationships., starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of apps installed for the specified group. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/apps/installs @desc Install a Snyk App for a Group @required {group_id: str(uuid) # Group ID} @returns(201) The newly created app install. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /groups/{group_id}/apps/installs/{install_id} @desc Revoke app authorization for a Snyk group with install ID @required {group_id: str(uuid) # Group ID, install_id: str(uuid) # Install ID} @returns(204) The Snyk App install is revoked, with no content (no errors). @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/apps/installs/{install_id}/secrets @desc Manage client secret for non-interactive Snyk App installations @required {group_id: str(uuid) # Group ID, install_id: str(uuid) # Install ID} @returns(200) Secret has been updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/assets/search @desc List Assets with filters (Early Access) @required {group_id: str(uuid) # Group ID} @returns(200) Assets found @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @example_request {"query":{"attributes":{"attribute":"type","operator":"equal","values":["repository"]}}} @endpoint GET /groups/{group_id}/assets/{asset_id} @desc Get an Asset by its ID (Early Access) @required {asset_id: str(uuid) # Unique identifier for the Asset, group_id: str(uuid) # Group ID} @returns(200) Asset found @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/assets/{asset_id} @desc Update asset attributes (Early Access) @required {asset_id: str(uuid) # Unique identifier for the Asset, group_id: str(uuid) # Group ID} @returns(200) Asset updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/assets/{asset_id}/relationships/assets @desc List related assets with pagination (Early Access) @required {group_id: str(uuid) # Group ID, asset_id: str(uuid) # Unique identifier for the Asset} @optional {starting_after: str # Return records after the record identified by cursor position starting_after, ending_before: str # Return records before the record identified by cursor position ending_before, limit: num=10 # Number of records to return, type: str(repository/package/image) # Filter by asset type} @returns(200) Related assets found @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/assets/{asset_id}/relationships/projects @desc List asset projects with pagination (Early Access) @required {group_id: str(uuid) # Group ID, asset_id: str(uuid) # Unique identifier for the Asset} @optional {starting_after: str # Return records after the record identified by cursor position starting_after, ending_before: str # Return records before the record identified by cursor position ending_before, limit: num=10 # Number of records to return} @returns(200) Assets found @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/audit_logs/search @desc Search Group audit logs. @required {group_id: str(uuid) # The ID of the Group.} @optional {cursor: str # The ID for the next page of results., from: str(date-time) # The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z., to: str(date-time) # The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z., size: int(int32)=100 # Number of results to return per page., sort_order: str(ASC/DESC)=DESC # Order in which results are returned., user_id: str(uuid) # Filter logs by user ID., project_id: str(uuid) # Filter logs by project ID., events: [str] # Filter logs by event types, cannot be used in conjunction with exclude_events parameter., exclude_events: [str] # Exclude event types from results, cannot be used in conjunctions with events parameter.} @returns(200) Group Audit Logs. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/export @desc Start an export @required {group_id: str(uuid) # Group ID} @optional {include_deleted: str # Optional parameter to include deleted issues in results, include_deactivated: str # Optional parameter to include disabled issues in results} @returns(202) Created an Export successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 429: Too many requests, 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/export/{export_id} @desc Get export results @required {group_id: str(uuid) # Group ID, export_id: str(uuid) # Unique export identifier} @returns(200) Getting an export job results @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets @desc List or search all assets (synchronous) - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group} @optional {filter: str # RSQL filter expression for filtering results. See schema for full documentation., sort: str # Comma-separated sort fields. Prefix with `-` for descending order., limit: int=10 # Number of results to return per page, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection., meta_count: str(with/only) # Provide summary count in the response meta object when requested. When `with` is provided, the count will be included in the response meta object. When `only` is provided, the count will be included in the response meta object and no data will be returned.} @returns(200) Successful response with a polymorphic list of assets @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/inventory/assets @desc Bulk update asset attributes - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group} @returns(204) Assets updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/filters @desc Get available filter fields - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group} @optional {asset_types: str # Comma-separated list of asset types to filter the available filter fields, limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results} @returns(200) List of available filter fields @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/filters/{filter_id}/values @desc Get filter value suggestions (autocomplete) - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, filter_id: str(uuid) # The UUID of the filter field to get values for (from the filter fields list endpoint)} @optional {q: str # Full text search term to filter the list of values. If keys_only is true, this will filter the keys of the object filter values. If key is provided, this will filter the value for the specific key of the object filter values., limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, keys_only: bool # Return only the keys of the object filter values, key: str # Return only the value for a specific key of the object filter values} @returns(200) List of filter values @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/groups @desc Get available group fields - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group} @optional {asset_types: str # Comma-separated list of asset types to filter group fields, limit: int=10 # Maximum number of results to return, starting_after: str # Cursor for forward pagination, ending_before: str # Cursor for backward pagination} @returns(200) List of available group fields @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/groups/{group_field_id}/values @desc Get group value aggregation - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, group_field_id: str(uuid) # The UUID of the group field to get values for (from the group fields list endpoint)} @optional {asset_types: str # Comma-separated list of asset types to filter the aggregation, filter: str # RSQL filter expression for filtering which assets are included in aggregation. Supports the same syntax as the main search filter including full text search with the `q` field. See the RsqlFilterString schema for complete documentation., sort: str # Comma-separated sort fields for group values. Prefix with `-` for descending order. Multiple sort fields are supported (e.g., `-issues,count`). Defaults to `count` (ascending) when not specified. Results are always tie-broken by `value` for deterministic ordering. Available sort fields: - `value` - Sort by the group value string (alphabetical) - `count` - Sort by the number of assets in each group - `last_seen_at` - Sort by the aggregated last_seen_at timestamp - `updated_at` - Sort by the aggregated updated_at timestamp - `risk_score` - Sort by the aggregated risk score - `issues` - Sort by issue severity (critical → high → medium → low), limit: int=10 # Maximum number of group values to return, starting_after: str # Cursor for forward pagination, ending_before: str # Cursor for backward pagination, meta_fields: [str] # Meta fields to include in the response. Multiple fields can be specified. Available fields: - `count` - Number of assets with this value - `last_seen_at` - Aggregated last_seen_at timestamp (default aggregation: last) - `updated_at` - Aggregated updated_at timestamp (default aggregation: last) - `risk_score` - Aggregated risk score from discovery sources (default aggregation: last) - `issues` - Aggregated issue counts (critical, high, medium, low, total) (default aggregation: last) - `labels` - Labels across assets (default aggregation: last) - `tags` - Tags across assets (default aggregation: last) - `all` - Include all available meta fields All fields default to the `last` aggregation function, which returns the value from the asset with the most recent updated_at in the group. Use the `aggregate` parameter to override the aggregation function per field. If not specified, the meta object is not included in the response. Note: Requesting meta fields may impact response time as aggregations require additional computation., aggregate: map # Per-field aggregate function override for meta fields. All fields default to `last` when not specified. `max`/`min` compute the SQL MAX/MIN across all assets in the group (scalar fields only). `first`/`last` returns the value from the single asset with the earliest/latest updated_at in the group (all field types). `sum` computes the total across all assets (numeric fields, issues, labels, tags).} @returns(200) List of group values with aggregated metadata @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/inventory/assets/searches @desc Create an asset search (asynchronous) - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group} @errors {302: Found - Redirects to search results endpoint, 400: Bad Request: A parameter provided as a part of the request was invalid., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/searches/{search_id}/results @desc Retrieve asset search results (asynchronous) - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, search_id: str(uuid) # The unique identifier of the search operation} @optional {sort: str # Sort order for results (e.g., -created_at for descending), limit: int=10 # Maximum number of results to return, starting_after: str # Cursor for forward pagination, ending_before: str # Cursor for backward pagination, fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection.} @returns(200) Search results retrieved successfully @errors {404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/{asset_id} @desc Get a single asset by ID - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, asset_id: str(uuid) # The unique identifier of the asset} @optional {fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection.} @returns(200) Asset retrieved successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/inventory/assets/{asset_id} @desc Update asset attributes - Group scope (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, asset_id: str(uuid) # The unique identifier of the asset} @returns(200) Asset updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/{asset_id}/relationships/projects @desc List projects for an asset (group scope) (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, asset_id: str(uuid) # The unique identifier of the asset} @optional {starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, limit: int=10 # Maximum number of results to return per page, canonical: str(with/only/none) # Filter projects by canonical status. - `with`: Returns all projects (canonical attribute is populated). - `only`: Returns only canonical projects (those used for vulnerability counts). - `none`: Returns only non-canonical projects. When omitted, returns all projects without canonical filtering., target_id: str(uuid) # Filter projects by target ID. When provided, returns only projects that belong to the specified target. When omitted, returns projects from all targets.} @returns(200) Successfully retrieved linked projects @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/inventory/assets/{asset_id}/relationships/targets @desc List targets for an asset (group scope) (Early Access) @required {group_id: str(uuid) # The unique identifier of the group, asset_id: str(uuid) # The unique identifier of the asset} @optional {starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, limit: int=10 # Maximum number of results to return per page} @returns(200) Successfully retrieved linked targets @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/issues @desc Get issues by group ID @required {group_id: str(uuid) # Group ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, scan_item.id: str(uuid) # A scan item id to filter issues through their scan item relationship., scan_item.type: str # A scan item types to filter issues through their scan item relationship., type: str # An issue type to filter issues., updated_before: str(date-time) # A filter to select issues updated before this date., updated_after: str(date-time) # A filter to select issues updated after this date., created_before: str(date-time) # A filter to select issues created before this date., created_after: str(date-time) # A filter to select issues created after this date., effective_severity_level: [str] # One or more effective severity levels to filter issues., status: [str] # An issue's status, ignored: bool # Whether an issue is ignored or not.} @returns(200) Returns a collection of issues. @errors {401: Unauthorized: the request requires an authentication token or a token with more permissions., 403: Unauthorized: the request requires an authentication token or a token with more permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/issues/{issue_id} @desc Get an issue @required {group_id: str(uuid) # Group ID, issue_id: str(uuid) # Issue ID} @returns(200) Returns an instance of an issue @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token or a token with more permissions., 403: Unauthorized: the request requires an authentication token or a token with more permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/jobs/export/{export_id} @desc Get export status @required {group_id: str(uuid) # Group ID, export_id: str(uuid) # Unique export identifier} @returns(200) Getting an export job status @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/memberships @desc Get all memberships of the group @required {group_id: str(uuid) # The ID of the group} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, sort_by: str(username/user_display_name/email/login_method/role_name) # Which column to sort by., sort_order: str(ASC/DESC)=DESC # Order in which results are returned., email: str # Filter the response by Users that match the provided email, user_id: str # Filter the response by Users that match the provided user ID, username: str # Filter the response by Users that match the provided username, role_name: str # Filter the response for results only with the specified role., include_group_membership_count: bool # indicates whether the count of group memberships is included} @returns(200) List of group memberships is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/memberships @desc Create a group membership for a user with role @required {group_id: str(uuid) # The ID of the group} @returns(201) Membership for the group was created @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /groups/{group_id}/memberships/{membership_id} @desc Delete a membership from a group @required {group_id: str(uuid) # The ID of the group, membership_id: str(uuid) # The ID of the Group Membership} @optional {cascade: bool # indicates whether to delete the child org memberships of the group membership.} @returns(204) group membership is deleted from Group @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/memberships/{membership_id} @desc Update a role from a group membership @required {group_id: str(uuid) # The ID of the group, membership_id: str(uuid) # The ID of the Group Membership} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/org_memberships @desc Get list of org memberships of a group user @required {group_id: str(uuid) # The ID of the group, user_id: str(uuid) # The ID of the User} @optional {org_name: str # The Name of the org, role_name: str # Filter the response for results only with the specified role., starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of org memberships is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/orgs @desc List all organizations in group @required {group_id: str(uuid) # Unique identifier for group} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, name: str # Only return organizations whose name contains this value. Case insensitive., slug: str # Only return organizations whose slug exactly matches this value. Case sensitive.} @returns(200) A list of organizations in the group. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/policies @desc Get group level policies (Early Access) @required {group_id: str(uuid) # Group ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) The group policies for the requested group @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found.} @endpoint POST /groups/{group_id}/policies @desc Create a new group level policy (Early Access) @required {group_id: str(uuid) # Group ID} @returns(201) A single policy is returned if it is successfully created. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /groups/{group_id}/policies/{policy_id} @desc Delete an group-level policy (Early Access) @required {group_id: str(uuid) # Group ID, policy_id: str(uuid) # Policy ID} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/policies/{policy_id} @desc Update a group-level policy (Early Access) @required {group_id: str(uuid) # Group ID, policy_id: str(uuid) # Policy ID} @returns(200) A single group policy is returned if it is successfully updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way.} @endpoint GET /groups/{group_id}/service_accounts @desc Get a list of group service accounts. @required {group_id: str(uuid) # The ID of the Snyk Group that owns the service accounts.} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of service accounts is returned. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/service_accounts @desc Create a service account for a group. @required {group_id: str(uuid) # The ID of the Snyk Group that is creating and owns the service account} @returns(201) A new service account has been created @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /groups/{group_id}/service_accounts/{serviceaccount_id} @desc Delete a group service account. @required {group_id: str(uuid) # The ID of the Snyk Group that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(204) Service account was successfully deleted. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/service_accounts/{serviceaccount_id} @desc Get a group service account. @required {group_id: str(uuid) # The ID of the Snyk Group that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(200) Service account is returned. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/service_accounts/{serviceaccount_id} @desc Update a group service account. @required {group_id: str(uuid) # The ID of the Snyk Group that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(200) Service account is returned. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/service_accounts/{serviceaccount_id}/secrets @desc Manage a group service account's client secret. @required {group_id: str(uuid) # The ID of the Snyk Group that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(200) Service account client secret has been updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/settings/iac @desc Get the Infrastructure as Code Settings for a group @required {group_id: str(uuid) # The id of the group whose Infrastructure as Code settings are requested} @returns(200) The Infrastructure as Code Settings of the group. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/settings/iac @desc Update the Infrastructure as Code Settings for a group @required {group_id: str(uuid) # The id of the group whose Infrastructure as Code settings are getting updated} @returns(200) The Infrastructure as Code Settings of the group were updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /groups/{group_id}/settings/pull_request_template @desc Delete pull request template for group @required {group_id: str(uuid) # Snyk Group ID} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/settings/pull_request_template @desc Get pull request template for group @required {group_id: str(uuid) # Snyk Group ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Fetch Pull Request Template for group. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /groups/{group_id}/settings/pull_request_template @desc Create or update pull request template for group @required {group_id: str(uuid) # Snyk Group ID} @returns(201) Pull Request Template created for group. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/sso_connections @desc Get all SSO connections for a group (Early Access) @required {group_id: str(uuid) # The ID of the group} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) List of SSO connections is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /groups/{group_id}/sso_connections/{sso_id}/users @desc Get all users using a given SSO connection (Early Access) @required {group_id: str(uuid) # The ID of the group, sso_id: str(uuid) # The ID of the SSO} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) List of users is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /groups/{group_id}/sso_connections/{sso_id}/users/{user_id} @desc Delete a user from a Group SSO connection (Early Access) @required {group_id: str(uuid) # The ID of the group, sso_id: str(uuid) # The ID of the SSO, user_id: str(uuid) # The ID of the User} @returns(204) User is deleted from Group SSO connection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /groups/{group_id}/users/{id} @desc Update a user's role in a group (Early Access) @required {group_id: str(uuid) # The id of the group, id: str(uuid) # The id of the user} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @group learn @endpoint GET /learn/catalog @desc List Snyk Learn's resources (Early Access) @optional {content_source: str(source-preview/cache) # The source of educational resources, limit: int(int32)=10 # Number of results to return per page, starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor} @returns(200) Returns a list of catalog resources @errors {404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @group openapi @endpoint GET /openapi @desc List available versions of OpenAPI specification @returns(200) List of available versions is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /openapi/{version} @desc Get OpenAPI specification effective at version. @returns(200) OpenAPI specification matching requested version is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @group orgs @endpoint GET /orgs @desc List accessible organizations @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, group_id: str(uuid) # If set, only return organizations within the specified group, is_personal: bool # If true, only return organizations that are not part of a group., slug: str # Only return orgs whose slug exactly matches this value., name: str # Only return orgs whose name contains this value., expand: [str] # Expand the specified related resources in the response to include their attributes.} @returns(200) A list of organizations you have access to. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id} @desc Get organization @required {org_id: str(uuid) # Unique identifier for org} @optional {expand: [str] # Expand the specified related resources in the response to include their attributes.} @returns(200) Returns an instance of an organization @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id} @desc Update organization @required {org_id: str(uuid) # Unique identifier for org} @returns(200) Instance of org is updated @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/ai_bom_jobs/{job_id} @desc Get an AI-BOM job status (Early Access) @required {org_id: str(uuid) # Org ID, job_id: str(uuid) # The job id} @returns(200) Successful API response with a single resource @errors {303: Redirect to another resource after async processing., 404: Not Found: The resource being operated on could not be found or you do not have permission to access it., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/ai_boms @desc Create a new AI-BOM (Early Access) @required {org_id: str(uuid) # Org ID} @returns(202) The request has been accepted for processing, but processing has not yet completed. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 404: Not Found: The resource being operated on could not be found or you do not have permission to access it., 500: Internal Server Error: An error was encountered while attempting to process the request., 503: Service Unavailable: The server is currently unavailable to handle the request.} @endpoint POST /orgs/{org_id}/ai_boms/upload @desc Create and upload an AI-BOM (Early Access) @required {org_id: str(uuid) # Org ID} @returns(202) The request has been accepted for processing, but processing has not yet completed. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 404: Not Found: The resource being operated on could not be found or you do not have permission to access it., 500: Internal Server Error: An error was encountered while attempting to process the request., 503: Service Unavailable: The server is currently unavailable to handle the request.} @endpoint GET /orgs/{org_id}/ai_boms/{ai_bom_id} @desc Get an AI-BOM. (Early Access) @required {org_id: str(uuid) # Org ID, ai_bom_id: str(uuid) # The ai_bom id} @returns(200) Successful API response with a single resource @errors {404: Not Found: The resource being operated on could not be found or you do not have permission to access it., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/app_bots @desc Get a list of app bots authorized to an organization. @required {org_id: str(uuid) # Organization ID} @optional {expand: [str] # Expand relationships., starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of app bots authorized to the specified organization @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/app_bots/{bot_id} @desc Revoke app bot authorization @required {bot_id: str(uuid) # The ID of the app bot, org_id: str(uuid) # Organization ID} @returns(204) The app bot has been deauthorized @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/apps @desc Get a list of Snyk Apps created by an Organization @required {org_id: str(uuid) # Org ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of apps created by the specified organization @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/apps @desc Create a new app for an organization. @required {org_id: str(uuid) # Org ID} @returns(201) Created Snyk App successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/apps/creations @desc Get a list of Snyk Apps created by an Organization @required {org_id: str(uuid) # Org ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of apps created by the specified organization @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/apps/creations @desc Create a new Snyk App for an organization @required {org_id: str(uuid) # Org ID} @returns(201) Created Snyk App successfully. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/apps/creations/{app_id} @desc Delete a Snyk App by app ID @required {org_id: str(uuid) # Org ID, app_id: str(uuid) # App ID} @returns(204) The app has been deleted @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/apps/creations/{app_id} @desc Get a Snyk App by app ID @required {org_id: str(uuid) # Org ID, app_id: str(uuid) # App ID} @returns(200) Attributes of the requested Snyk App. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/apps/creations/{app_id} @desc Update app creation attributes such as name, redirect URIs, and access token time to live using the App ID @required {org_id: str(uuid) # Org ID, app_id: str(uuid) # App ID} @returns(200) Attributes of the updated Snyk App. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/apps/creations/{app_id}/secrets @desc Manage client secret for a Snyk App @required {org_id: str(uuid) # Org ID, app_id: str(uuid) # App ID} @returns(200) Secret has been updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/apps/installs @desc Get a list of Snyk Apps installed for an Organization @required {org_id: str(uuid) # Organization ID} @optional {expand: [str] # Expand relationships., starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of apps installed for the specified organization. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/apps/installs @desc Install a Snyk App for an Organization @required {org_id: str(uuid) # Org ID} @returns(201) The newly created app install. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/apps/installs/{install_id} @desc Revoke app authorization for a Snyk organization with install ID @required {org_id: str(uuid) # Org ID, install_id: str(uuid) # Install ID} @returns(204) The Snyk App install is revoked, with no content (no errors). @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/apps/installs/{install_id}/secrets @desc Manage client secret for non-interactive Snyk App installations @required {org_id: str(uuid) # Org ID, install_id: str(uuid) # Install ID} @returns(200) Secret has been updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/apps/{client_id} @desc Delete an app @required {org_id: str(uuid) # Org ID, client_id: str(uuid) # Client ID} @returns(204) The app has been deleted @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/apps/{client_id} @desc Get an app by client id @required {org_id: str(uuid) # Org ID, client_id: str(uuid) # Client ID} @returns(200) Attributes of the requested Snyk App. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/apps/{client_id} @desc Update app attributes that are name, redirect URIs, and access token time to live @required {org_id: str(uuid) # Org ID, client_id: str(uuid) # Client ID} @returns(200) Attributes of the updated Snyk App. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/apps/{client_id}/secrets @desc Manage client secrets for an app. @required {org_id: str(uuid) # Org ID, client_id: str(uuid) # Client ID} @returns(200) Secrets have been updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/audit_logs/search @desc Search Organization audit logs. @required {org_id: str(uuid) # The ID of the organization.} @optional {cursor: str # The ID for the next page of results., from: str(date-time) # The start date (inclusive) of the audit logs search. If not specified, the start of yesterday is used. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z., to: str(date-time) # The end date (exclusive) of the audit logs search. Dates should be formatted as RFC3339, e.g. 2024-01-02T16:30:00Z., size: int(int32)=100 # Number of results to return per page., sort_order: str(ASC/DESC)=DESC # Order in which results are returned., user_id: str(uuid) # Filter logs by user ID., project_id: str(uuid) # Filter logs by project ID., events: [str] # Filter logs by event types, cannot be used in conjunction with exclude_events parameter., exclude_events: [str] # Exclude event types from results, cannot be used in conjunctions with events parameter.} @returns(200) Organization Audit Logs. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/brokers/connections @desc List Broker connections for a given organization @required {org_id: str(uuid) # Org ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of Broker connections by org ID @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint GET /orgs/{org_id}/cloud/environments @desc List Environments (Early Access) @required {org_id: str(uuid) # Organization ID} @optional {created_after: str(date-time) # Return environments created after this date, created_before: str(date-time) # Return environments created before this date, updated_after: str(date-time) # Return environments updated after this date, updated_before: str(date-time) # Return environments updated before this date, name: str # Filter environments by name (multi-value, comma-separated), kind: str # Filter environments by kind (multi-value, comma-separated): aws, status: str(queued/in_progress/success/error/null) # Filter environments by latest scan status (multi-value, comma-separated), id: str(uuid) # Filter environments by environment ID (multi-value, comma-separated), project_id: str(uuid) # Filter environments by project ID, starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a list of environments @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/cloud/environments @desc Create New Environment (Early Access) @required {org_id: str(uuid) # Organization ID} @returns(201) Created environment successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/cloud/environments/{environment_id} @desc Delete Environment (Early Access) @required {org_id: str(uuid) # Organization ID, environment_id: str(uuid) # Unique identifier for an environment} @returns(204) Returns an empty response @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/cloud/environments/{environment_id} @desc Update Environment (Early Access) @required {org_id: str(uuid) # Organization ID, environment_id: str(uuid) # Unique identifier for an environment} @returns(200) Updated an environment successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/cloud/permissions @desc Generate Cloud Provider Permissions (Early Access) @required {org_id: str(uuid) # Organization ID} @returns(201) Created permissions successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/cloud/resources @desc List Resources (Early Access) @required {org_id: str(uuid) # Organization ID} @optional {environment_id: str(uuid) # Filter resources by environment ID (multi-value, comma-separated), resource_type: str # Filter resources by resource type (multi-value, comma-separated), resource_id: str # Filter resources by resource ID (multi-value, comma-separated), native_id: str # Filter resources by native ID (multi-value, comma-separated) (AWS ARN), id: str # Filter resources by resource UUID (multi-value, comma-separated), platform: str # Filter resources by platform (multi-value, comma-separated): aws, name: str # Filter resources by name (multi-value, comma-separated), kind: str # Filter resources by kind (multi-value, comma-separated): cloud, location: str # Filter resources by location (multi-value, comma-separated) (AWS region), removed: bool # Filter resources by whether they have been removed or not., starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a list of resources @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/cloud/scans @desc List Scans (Early Access) @required {org_id: str(uuid) # Organization ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a list of scan instances @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/cloud/scans @desc Create Scan (Early Access) @required {org_id: str(uuid) # Organization ID} @returns(201) Created scan successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/cloud/scans/{scan_id} @desc Get scan (Early Access) @required {org_id: str(uuid) # Organization ID, scan_id: str(uuid) # Scan ID} @returns(200) Returns a single scan instance @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/collections @desc Get collections @required {org_id: str(uuid) # Org ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, sort: str(name/projectsCount/issues) # Return collections sorted by the specified attributes, direction: str(ASC/DESC)=DESC # Return collections sorted in the specified direction, name: str # Return collections which names include the provided string, is_generated: bool # Return collections where is_generated matches the provided boolean} @returns(200) Returns a list of collections @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/collections @desc Create a collection @required {org_id: str(uuid) # Org ID} @returns(201) Returned collection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/collections/{collection_id} @desc Delete a collection @required {org_id: str(uuid) # Org ID, collection_id: str(uuid) # Unique identifier for a collection} @returns(204) Collection was deleted successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/collections/{collection_id} @desc Get a collection @required {org_id: str(uuid) # Org ID, collection_id: str(uuid) # Unique identifier for a collection} @returns(200) Returned collection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/collections/{collection_id} @desc Edit a collection @required {org_id: str(uuid) # Org ID, collection_id: str(uuid) # Unique identifier for a collection} @returns(200) Returned collection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/collections/{collection_id}/relationships/projects @desc Remove projects from a collection @required {org_id: str(uuid) # Org ID, collection_id: str(uuid) # Unique identifier for a collection} @returns(204) successfully removing projects from a collection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/collections/{collection_id}/relationships/projects @desc Get projects from the specified collection @required {org_id: str(uuid) # Org ID, collection_id: str(uuid) # Unique identifier for a collection} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, sort: str(imported/last_tested_at/issues) # Return projects sorted by the specified attributes, direction: str(ASC/DESC)=DESC # Return projects sorted in the specified direction, target_id: [str(uuid)] # Return projects that belong to the provided targets, show: [str] # Return projects that are with or without issues, integration: [str] # Return projects that match the provided integration types} @returns(200) Returns a list of projects from the specified collection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/collections/{collection_id}/relationships/projects @desc Add projects to a collection @required {org_id: str(uuid) # Org ID, collection_id: str(uuid) # Unique identifier for a collection} @returns(204) successfully adding projects to a collection @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/container_images @desc List instances of container image @required {org_id: str(uuid) # Org ID} @optional {image_ids: [str(uri)] # A comma-separated list of Image IDs, platform: str(aix/ppc64/android/386/android/amd64/android/arm/android/arm/v5/android/arm/v6/android/arm/v7/android/arm64/android/arm64/v8/darwin/amd64/darwin/arm/darwin/arm/v5/darwin/arm/v6/darwin/arm/v7/darwin/arm64/darwin/arm64/v8/dragonfly/amd64/freebsd/386/freebsd/amd64/freebsd/arm/freebsd/arm/v5/freebsd/arm/v6/freebsd/arm/v7/illumos/amd64/ios/arm64/ios/arm64/v8/js/wasm/linux/386/linux/amd64/linux/arm/linux/arm/v5/linux/arm/v6/linux/arm/v7/linux/arm64/linux/arm64/v8/linux/loong64/linux/mips/linux/mipsle/linux/mips64/linux/mips64le/linux/ppc64/linux/ppc64le/linux/riscv64/linux/s390x/linux/x86_64/netbsd/386/netbsd/amd64/netbsd/arm/netbsd/arm/v5/netbsd/arm/v6/netbsd/arm/v7/openbsd/386/openbsd/amd64/openbsd/arm/openbsd/arm/v5/openbsd/arm/v6/openbsd/arm/v7/openbsd/arm64/openbsd/arm64/v8/plan9/386/plan9/amd64/plan9/arm/plan9/arm/v5/plan9/arm/v6/plan9/arm/v7/solaris/amd64/windows/386/windows/amd64/windows/arm/windows/arm/v5/windows/arm/v6/windows/arm/v7/windows/arm64/windows/arm64/v8) # The image Operating System and processor architecture, names: [str] # The container registry names, limit: int(int32)=10 # Number of results to return per page, starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor} @returns(200) Returns a list of container image instances @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/container_images/{image_id} @desc Get instance of container image @required {org_id: str(uuid) # Org ID, image_id: str(uri) # Image ID} @returns(200) Returns an instance of container image @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/container_images/{image_id}/relationships/image_target_refs @desc List instances of image target references for a container image @required {org_id: str(uuid) # Org ID, image_id: str(uri) # Image ID} @optional {limit: int(int32)=10 # Number of results to return per page, starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor} @returns(200) Returns a list of image target references for a container image @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/container_import/{integration_id}/policy/dry_run @desc Create a dry run job for a container registry import policy (Early Access) @required {org_id: str(uuid) # Org ID, integration_id: str(uuid) # Container Registry Integration ID} @returns(202) Dry run job created successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/container_import/{integration_id}/policy/dry_run/{job_id} @desc Get a dry run job (Early Access) @required {org_id: str(uuid) # Org ID, integration_id: str(uuid) # Container Registry Integration ID, job_id: str(uuid) # Dry run job ID} @returns(200) Dry run job retrieved successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/ecosystems/{ecosystem}/packages/{package_name} @desc Get a package (Early Access) @required {org_id: str(uuid) # Org ID, ecosystem: str(npm/pypi/maven/nuget/golang) # The package ecosystem, package_name: str # Package name (URL encoded if needed)} @returns(200) Returns package metadata @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/ecosystems/{ecosystem}/packages/{package_name}/versions/{package_version} @desc Get a package version (Early Access) @required {org_id: str(uuid) # Org ID, ecosystem: str(npm/pypi/maven/nuget/golang) # The package ecosystem, package_name: str # Package name (URL encoded if needed), package_version: str # Package version (URL encoded if needed). Accepts semantic versioning formats (e.g., 1.2.3, v1.2.3). Note: Golang commit hashes are NOT supported.} @returns(200) Returns package version metadata @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/export @desc Start an export @required {org_id: str(uuid) # Org ID} @optional {include_deleted: str # Optional parameter to include deleted issues in results, include_deactivated: str # Optional parameter to include disabled issues in results} @returns(202) Created an Export successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 429: Too many requests, 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/export/{export_id} @desc Get export results @required {org_id: str(uuid) # Org ID, export_id: str(uuid) # Unique export identifier} @returns(200) Getting an export job results @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets @desc List or search all assets (synchronous) - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization} @optional {filter: str # RSQL filter expression for filtering results. See schema for full documentation., sort: str # Comma-separated sort fields. Prefix with `-` for descending order., limit: int=10 # Number of results to return per page, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection., meta_count: str(with/only) # Provide summary count in the response meta object when requested. When `with` is provided, the count will be included in the response meta object. When `only` is provided, the count will be included in the response meta object and no data will be returned.} @returns(200) Successful response with a polymorphic list of assets @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/inventory/assets @desc Bulk update asset attributes - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization} @returns(204) Assets updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/filters @desc Get available filter fields - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization} @optional {asset_types: str # Comma-separated list of asset types to filter the available filter fields, limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results} @returns(200) List of available filter fields @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/filters/{filter_id}/values @desc Get filter value suggestions (autocomplete) - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, filter_id: str(uuid) # The UUID of the filter field to get values for (from the filter fields list endpoint)} @optional {q: str # Full text search term to filter the list of values. If keys_only is true, this will filter the keys of the object filter values. If key is provided, this will filter the value for the specific key of the object filter values., limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, keys_only: bool # Return only the keys of the object filter values, key: str # Return only the value for a specific key of the object filter values} @returns(200) List of filter values @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/groups @desc Get available group fields - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization} @optional {asset_types: str # Comma-separated list of asset types to filter group fields, limit: int=10 # Maximum number of results to return, starting_after: str # Cursor for forward pagination, ending_before: str # Cursor for backward pagination} @returns(200) List of available group fields @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/groups/{group_field_id}/values @desc Get group value aggregation - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, group_field_id: str(uuid) # The UUID of the group field to get values for (from the group fields list endpoint)} @optional {asset_types: str # Comma-separated list of asset types to filter the aggregation, filter: str # RSQL filter expression for filtering which assets are included in aggregation. Supports the same syntax as the main search filter including full text search with the `q` field. See the RsqlFilterString schema for complete documentation., sort: str # Comma-separated sort fields for group values. Prefix with `-` for descending order. Multiple sort fields are supported (e.g., `-issues,count`). Defaults to `count` (ascending) when not specified. Results are always tie-broken by `value` for deterministic ordering. Available sort fields: - `value` - Sort by the group value string (alphabetical) - `count` - Sort by the number of assets in each group - `last_seen_at` - Sort by the aggregated last_seen_at timestamp - `updated_at` - Sort by the aggregated updated_at timestamp - `risk_score` - Sort by the aggregated risk score - `issues` - Sort by issue severity (critical → high → medium → low), limit: int=10 # Maximum number of group values to return, starting_after: str # Cursor for forward pagination, ending_before: str # Cursor for backward pagination, meta_fields: [str] # Meta fields to include in the response. Multiple fields can be specified. Available fields: - `count` - Number of assets with this value - `last_seen_at` - Aggregated last_seen_at timestamp (default aggregation: last) - `updated_at` - Aggregated updated_at timestamp (default aggregation: last) - `risk_score` - Aggregated risk score from discovery sources (default aggregation: last) - `issues` - Aggregated issue counts (critical, high, medium, low, total) (default aggregation: last) - `labels` - Labels across assets (default aggregation: last) - `tags` - Tags across assets (default aggregation: last) - `all` - Include all available meta fields All fields default to the `last` aggregation function, which returns the value from the asset with the most recent updated_at in the group. Use the `aggregate` parameter to override the aggregation function per field. If not specified, the meta object is not included in the response. Note: Requesting meta fields may impact response time as aggregations require additional computation., aggregate: map # Per-field aggregate function override for meta fields. All fields default to `last` when not specified. `max`/`min` compute the SQL MAX/MIN across all assets in the group (scalar fields only). `first`/`last` returns the value from the single asset with the earliest/latest updated_at in the group (all field types). `sum` computes the total across all assets (numeric fields, issues, labels, tags).} @returns(200) List of group values with aggregated metadata @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/inventory/assets/searches @desc Create an asset search (asynchronous) - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization} @errors {302: Found - Redirects to search results endpoint, 400: Bad Request: A parameter provided as a part of the request was invalid., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/searches/{search_id}/results @desc Retrieve asset search results (asynchronous) - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, search_id: str(uuid) # The unique identifier of the search operation} @optional {sort: str # Sort order for results (e.g., -created_at for descending), limit: int=10 # Maximum number of results to return, starting_after: str # Cursor for forward pagination, ending_before: str # Cursor for backward pagination, fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection.} @returns(200) Search results retrieved successfully @errors {404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/{asset_id} @desc Get a single asset by ID - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, asset_id: str(uuid) # The unique identifier of the asset} @optional {fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection.} @returns(200) Asset retrieved successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/inventory/assets/{asset_id} @desc Update asset attributes - Org scope (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, asset_id: str(uuid) # The unique identifier of the asset} @returns(200) Asset updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/{asset_id}/relationships/projects @desc List projects for an asset (org scope) (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, asset_id: str(uuid) # The unique identifier of the asset} @optional {starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, limit: int=10 # Maximum number of results to return per page, canonical: str(with/only/none) # Filter projects by canonical status. - `with`: Returns all projects (canonical attribute is populated). - `only`: Returns only canonical projects (those used for vulnerability counts). - `none`: Returns only non-canonical projects. When omitted, returns all projects without canonical filtering., target_id: str(uuid) # Filter projects by target ID. When provided, returns only projects that belong to the specified target. When omitted, returns projects from all targets.} @returns(200) Successfully retrieved linked projects @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/inventory/assets/{asset_id}/relationships/targets @desc List targets for an asset (org scope) (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization, asset_id: str(uuid) # The unique identifier of the asset} @optional {starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, limit: int=10 # Maximum number of results to return per page} @returns(200) Successfully retrieved linked targets @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/invites @desc List pending user invitations to an organization. @required {org_id: str(uuid) # The id of the org the user is being invited to} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) List of pending invitations to an organization. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/invites @desc Invite a user to an organization @required {org_id: str(uuid) # The id of the org the user is being invited to} @returns(201) A new organization invitation has been created @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/invites/{invite_id} @desc Cancel a pending user invitations to an organization. @required {org_id: str(uuid) # The id of the org the user is being invited to, invite_id: str(uuid) # The id of the pending invite to cancel} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/issues @desc Get issues by org ID @required {org_id: str(uuid) # Org ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, scan_item.id: str(uuid) # A scan item id to filter issues through their scan item relationship., scan_item.type: str # A scan item types to filter issues through their scan item relationship., type: str # An issue type to filter issues., updated_before: str(date-time) # A filter to select issues updated before this date., updated_after: str(date-time) # A filter to select issues updated after this date., created_before: str(date-time) # A filter to select issues created before this date., created_after: str(date-time) # A filter to select issues created after this date., effective_severity_level: [str] # One or more effective severity levels to filter issues., status: [str] # An issue's status, ignored: bool # Whether an issue is ignored or not.} @returns(200) Returns a collection of issues. @errors {401: Unauthorized: the request requires an authentication token or a token with more permissions., 403: Unauthorized: the request requires an authentication token or a token with more permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/issues/{issue_id} @desc Get an issue @required {org_id: str(uuid) # Org ID, issue_id: str(uuid) # Issue ID} @returns(200) Returns an instance of an issue @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token or a token with more permissions., 403: Unauthorized: the request requires an authentication token or a token with more permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/jobs/export/{export_id} @desc Get export status @required {org_id: str(uuid) # Org ID, export_id: str(uuid) # Unique export identifier} @returns(200) Getting an export job status @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/learn/assignments @desc Bulk deletion of assignments in an organization (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @returns(204) Assignments were successfully deleted. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict - The assignment cannot be deleted because it is part of a Learning Program., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/learn/assignments @desc Retrieve a list of assignments for an organization (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of assignments was successfully retrieved. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/learn/assignments @desc Update due date for assignments in an organization. (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @returns(204) Assignments due date was successfully updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/learn/assignments @desc Bulk creation of assignments for users in an organization. (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @returns(204) Assignments were successfully created. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/learn/assignments/bulk_delete @desc Bulk deletion of assignments in an organization (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @returns(204) Assignments were successfully deleted. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict - The assignment cannot be deleted because it is part of a Learning Program., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/learn/progress/catalog @desc Get collective learning progress (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, type: str(learning_path/lesson)=lesson # Filter by the learn catalog resource type, title: str # This is deprecated, use Titles instead, cwes: [str] # Filter by CWE rules, cves: [str] # Filter by CVE rules} @returns(200) Organization reporting users overview @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/learn/progress/users @desc Get individual user learning progress (Early Access) @required {org_id: str(uuid) # The unique identifier of the organization.} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, type: str(learning_path/lesson)=lesson # Filter by the learn catalog resource type, title: str # This is deprecated, use Titles instead, titles: [str] # Filter by the title of the learning path or lesson resource, status: str(completed/inProgress) # Filter by progress status of the resources, emails: [str(email)] # Filter by user email addresses, completion_interval: str # Filter by date interval in ISO 8601 format (e.g. 2024-01-01/2024-02-01)} @returns(200) Organization reporting users overview @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/memberships @desc Get all memberships of the org @required {org_id: str(uuid) # The ID of the org} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, sort_by: str(username/user_display_name/email/login_method/role) # Which column to sort by., sort_order: str(ASC/DESC)=ASC # Order in which results are returned., email: str # Filter the response by Users that match the provided email, user_id: str # Filter the response by Users that match the provided user ID, username: str # Filter the response by Users that match the provided username, role_name: str # Filter the response for results only with the specified role.} @returns(200) List of org memberships is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/memberships @desc Create a org membership for a user with role @required {org_id: str(uuid) # The ID of the org} @returns(201) Membership for the user is created on the org @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/memberships/{membership_id} @desc Remove user's org membership @required {org_id: str(uuid) # The id of the org, membership_id: str(uuid) # The id of the org membership} @returns(204) Org membership for the user was successfully deleted. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/memberships/{membership_id} @desc Update a org membership for a user with role @required {org_id: str(uuid) # The id of the org, membership_id: str(uuid) # The id of the org membership} @returns(204) The Membership is updated @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/packages/issues @desc List issues for a given set of packages (Currently not available to all customers) @required {org_id: str(uuid) # Unique identifier for an organization} @returns(200) Returns an array of issues with the purl identifier of the package that caused them @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/packages/{purl}/issues @desc List issues for a package @required {purl: str # A URI-encoded Package URL (purl). Supported purl types are apk, cargo, cocoapods, composer, conan, deb, gem, generic, golang, hex, maven, npm, nuget, pub, pypi, rpm, and swift. A version for the package is also required. Maven packages support an optional checksum qualifier to request checksum validation. When provided, the response will include checksum validation metadata indicating whether the package and checksum match records in Snyk's database. Checksum format: `algorithm:hex_value` (lowercase), for example `sha1:ad9503c3e994a4f611a4892f2e67ac82df727086`. Only one checksum is supported per request. Supported algorithms: md5, sha1, sha256, sha512., org_id: str(uuid) # Unique identifier for an organization} @optional {offset: int # Specify the number of results to skip before returning results. Must be greater than or equal to 0. Default is 0., limit: int # Specify the number of results to return. Must be greater than 0 and less than 1000. Default is 1000.} @returns(200) Returns an array of issues @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/policies @desc Get org-level policies @required {org_id: str(uuid) # Org ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, search: str # Search keyword for searching fields ignored_by.name, ignored_by.email, ignore_type in policy_rules, order_by: str(created/expires/ignore-type/requested-by) # The column name to sort on, order_direction: str(asc/desc) # Sorting direction ASC/DESC, review: [str] # Policy rule review state e.g. approved, expires_before: str(date-time) # Select only policies with an expiry strictly before the given time., expires_after: str(date-time) # Select only policies with an expiry strictly past the given time., expires_never: bool # Select only policies that never expire.} @returns(200) The policies for the requested organisation. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found.} @endpoint POST /orgs/{org_id}/policies @desc Create a new org-level policy @required {org_id: str(uuid) # Org ID} @returns(201) A single policy is returned if it is successfully created. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/policies/{policy_id} @desc Delete an org-level policy @required {org_id: str(uuid) # Org ID, policy_id: str(uuid) # Policy ID} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/policies/{policy_id} @desc Get an org-level policy @required {org_id: str(uuid) # Org ID, policy_id: str(uuid) # Policy ID} @returns(200) The requested policy. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found.} @endpoint PATCH /orgs/{org_id}/policies/{policy_id} @desc Update an org-level policy @required {org_id: str(uuid) # Org ID, policy_id: str(uuid) # Policy ID} @returns(200) A single policy is returned if it is successfully updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way.} @endpoint GET /orgs/{org_id}/policies/{policy_id}/events @desc List org policy events (Early Access) @required {org_id: str(uuid) # Org ID, policy_id: str(uuid) # Policy ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) The requested policy. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found.} @endpoint GET /orgs/{org_id}/projects @desc List all Projects for an Org with the given Org ID. @required {org_id: str(uuid) # The ID of the org that the projects belong to.} @optional {target_id: [str(uuid)] # Return projects that belong to the provided targets, target_reference: str # Return projects that match the provided target reference, target_file: str # Return projects that match the provided target file, target_runtime: str # Return projects that match the provided target runtime, meta_count: str # The collection count., ids: [str(uuid)] # Return projects that match the provided IDs., names: [str] # Return projects that match the provided names., names_start_with: [str] # Return projects with names starting with the specified prefix., origins: [str] # Return projects that match the provided origins., types: [str] # Return projects that match the provided types., expand: [str] # Expand relationships., meta.latest_issue_counts: bool # Include a summary count for the issues found in the most recent scan of this project, meta.latest_dependency_total: bool # Include the total number of dependencies found in the most recent scan of this project, cli_monitored_before: str(date-time) # Filter projects uploaded and monitored before this date (encoded value), cli_monitored_after: str(date-time) # Filter projects uploaded and monitored after this date (encoded value), importing_user_public_id: [str] # Return projects that match the provided importing user public ids., tags: [str] # Return projects that match all the provided tags, business_criticality: [str] # Return projects that match all the provided business_criticality value, environment: [str] # Return projects that match all the provided environment values, lifecycle: [str] # Return projects that match all the provided lifecycle values, starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of projects is returned for the targeted org @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/projects/{project_id} @desc Delete project by project ID. @required {org_id: str(uuid) # The ID of the org to which the project belongs to., project_id: str(uuid) # The ID of the project.} @returns(204) The project has been deleted @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/projects/{project_id} @desc Get project by project ID. @required {org_id: str(uuid) # The ID of the org to which the project belongs to., project_id: str(uuid) # The ID of the project.} @optional {expand: [str] # Expand relationships., meta.latest_issue_counts: bool # Include a summary count for the issues found in the most recent scan of this project, meta.latest_dependency_total: bool # Include the total number of dependencies found in the most recent scan of this project} @returns(200) A project is returned for the targeted org @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/projects/{project_id} @desc Updates project by project ID. @required {org_id: str(uuid) # The ID of the Org the project belongs to., project_id: str(uuid) # The ID of the project to patch.} @optional {expand: [str] # Expand relationships.} @returns(200) A project is updated for the targeted org @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/projects/{project_id}/sbom @desc Get a project’s SBOM document @required {org_id: str(uuid) # Unique identifier for an organization, project_id: str(uuid) # Unique identifier for a project} @optional {format: str(cyclonedx1.6+json/cyclonedx1.6+xml/cyclonedx1.5+json/cyclonedx1.5+xml/cyclonedx1.4+json/cyclonedx1.4+xml/spdx2.3+json) # The desired SBOM format of the response., exclude: [str] # An array of features to be excluded from the generated SBOM., go_module_level: bool=false # When true, consolidate Go package-level dependencies into module-level components in the SBOM. Only applies to gomodules graphs; default is false.} @returns(200) Returns the SBOM document of a project @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/sbom_tests @desc Create an SBOM test run (Early Access) @required {org_id: str(uuid) # Org ID} @returns(201) Created SBOM test successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/sbom_tests/{job_id} @desc Gets an SBOM test run status (Early Access) @required {org_id: str(uuid) # Org ID, job_id: str(uuid) # Job ID} @returns(200) SBOM test run status @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/sbom_tests/{job_id}/results @desc Gets an SBOM test run result (Early Access) @required {org_id: str(uuid) # Org ID, job_id: str(uuid) # Job ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, Accept: str} @returns(200) SBOM test results @endpoint GET /orgs/{org_id}/service_accounts @desc Get a list of organization service accounts. @required {org_id: str(uuid) # The ID of the Snyk Organization that owns the service accounts.} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of service accounts is returned. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/service_accounts @desc Create a service account for an organization. @required {org_id: str(uuid) # The ID of the Snyk Organization that is creating and will own the service account.} @returns(201) A new service account has been created @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/service_accounts/{serviceaccount_id} @desc Delete a service account in an organization. @required {org_id: str(uuid) # The ID of org to which the service account belongs., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(204) The service account has been deleted. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/service_accounts/{serviceaccount_id} @desc Get an organization service account. @required {org_id: str(uuid) # The ID of the Snyk Organization that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(200) Service account is returned. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/service_accounts/{serviceaccount_id} @desc Update an organization service account. @required {org_id: str(uuid) # The ID of the Snyk Organization that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(200) Service account is returned. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/service_accounts/{serviceaccount_id}/secrets @desc Manage an organization service account's client secret. @required {org_id: str(uuid) # The ID of the Snyk Organization that owns the service account., serviceaccount_id: str(uuid) # The ID of the service account.} @returns(200) Service account client secret has been updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/settings/iac @desc Get the Infrastructure as Code Settings for an org. @required {org_id: str(uuid) # The id of the org whose Infrastructure as Code settings are requested.} @returns(200) The Infrastructure as Code Settings of the org. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/settings/iac @desc Update the Infrastructure as Code Settings for an org @required {org_id: str(uuid) # The id of the org whose Infrastructure as Code settings are getting updated} @returns(200) The Infrastructure as Code Settings of the org were updated. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/settings/opensource @desc Get the Open Source Settings for an Org. (Early Access) @required {org_id: str(uuid) # The id of the org.} @returns(200) The Open Source Settings for given Org. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/settings/sast @desc Retrieves the SAST settings for an org @required {org_id: str(uuid) # The id of the org for which we want to retrieve the SAST settings} @returns(200) The SAST settings for the org are being retrieved @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/settings/sast @desc Enable/Disable the Snyk Code settings for an org @required {org_id: str(uuid) # The id of the org for which we want to update the Snyk Code setting} @returns(201) The SAST settings for the org are being updated @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/slack_app/{bot_id} @desc Remove the given Slack App integration @required {org_id: str(uuid) # Org ID, bot_id: str(uuid) # Bot ID} @returns(204) Slack App integration successfully removed @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/slack_app/{bot_id} @desc Get Slack integration default notification settings. @required {org_id: str(uuid) # Org ID, bot_id: str(uuid) # Bot ID} @returns(200) Default settings created successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/slack_app/{bot_id} @desc Create new Slack notification default settings. @required {org_id: str(uuid) # Org ID, bot_id: str(uuid) # Bot ID} @returns(201) Default settings created successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/slack_app/{bot_id}/projects @desc Slack notification settings overrides for projects @required {org_id: str(uuid) # Org ID, bot_id: str(uuid) # Bot ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Return default settings for a tenant @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/slack_app/{bot_id}/projects/{project_id} @desc Remove Slack settings override for a project. @required {org_id: str(uuid) # Org ID, project_id: str(uuid) # Project ID, bot_id: str(uuid) # Bot ID} @returns(204) Slack settings override for the project removed successfully. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /orgs/{org_id}/slack_app/{bot_id}/projects/{project_id} @desc Update Slack notification settings for a project. @required {org_id: str(uuid) # Org ID, bot_id: str(uuid) # Bot ID, project_id: str(uuid) # Project ID} @returns(200) Slack notification settings for a project updated successfully. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /orgs/{org_id}/slack_app/{bot_id}/projects/{project_id} @desc Create a new Slack settings override for a given project. @required {org_id: str(uuid) # Org ID, project_id: str(uuid) # Project ID, bot_id: str(uuid) # Bot ID} @returns(201) Project settings created successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/slack_app/{tenant_id}/channels @desc Get a list of Slack channels @required {org_id: str(uuid) # Org ID, tenant_id: str(uuid) # Tenant ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=1000 # Number of results to return per page} @returns(200) List of Slack channels @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/slack_app/{tenant_id}/channels/{channel_id} @desc Get Slack Channel name by Slack Channel ID. @required {org_id: str(uuid) # Org ID, channel_id: str(uri) # Slack Channel ID, tenant_id: str(uuid) # Tenant ID} @returns(200) List of Slack channels @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/targets @desc Get targets by org ID @required {org_id: str(uuid) # The id of the org to return a list of targets} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, count: bool # Calculate total amount of filtered results, limit: int(int32)=10 # Number of results to return per page, is_private: bool # Return targets that match the provided value of is_private, exclude_empty: bool=true # Return only the targets that has projects, url: str # Return targets that match the provided remote_url., source_types: [str] # Return targets that match the provided source_types, display_name: str # Return targets with display names starting with the provided string, created_gte: str(date-time) # Return only targets which have been created at or after the specified date.} @returns(200) A list of targets is returned for the targeted org @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /orgs/{org_id}/targets/{target_id} @desc Delete target by target ID @required {org_id: str(uuid) # The id of the org to delete, target_id: str(uuid) # The id of the target to delete} @returns(204) The target is deleted with all projects, if it is found in the specified org. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/targets/{target_id} @desc Get target by target ID @required {org_id: str(uuid) # The id of the org to return the target from, target_id: str(uuid) # The id of the target to return} @returns(200) A single target is returned if it is found in the specified org @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /orgs/{org_id}/test_jobs/{job_id} @desc Get a test job. (Early Access) @required {org_id: str(uuid) # Snyk Org ID under which to run or query information about a Job or Test., job_id: str(uuid) # Job ID returned from the Test API to query.} @optional {snyk-request-id: str(uuid) # A unique ID assigned to each API request, for tracing and troubleshooting. Snyk clients can optionally provide this ID., snyk-interaction-id: str # Identifies the Snyk client interaction in which this API request occurs. The identifier is an opaque string. though at the time of writing it may either be a uuid or a urn containing a uuid and some metadata.} @returns(200) Successful API response with a single resource @errors {303: Redirect to another resource after async processing., 400: Invalid input} @endpoint POST /orgs/{org_id}/tests @desc Create a new test. (Early Access) @required {org_id: str(uuid) # Snyk Org ID under which to run or query information about a Job or Test.} @optional {snyk-request-id: str(uuid) # A unique ID assigned to each API request, for tracing and troubleshooting. Snyk clients can optionally provide this ID., snyk-interaction-id: str # Identifies the Snyk client interaction in which this API request occurs. The identifier is an opaque string. though at the time of writing it may either be a uuid or a urn containing a uuid and some metadata.} @returns(202) The request has been accepted for processing, but processing has not yet completed. @errors {400: Invalid input} @endpoint GET /orgs/{org_id}/tests/{test_id} @desc Get a test. (Early Access) @required {org_id: str(uuid) # Snyk Org ID under which to run or query information about a Job or Test., test_id: str(uuid) # Test ID returned from the Test API to query.} @optional {snyk-request-id: str(uuid) # A unique ID assigned to each API request, for tracing and troubleshooting. Snyk clients can optionally provide this ID., snyk-interaction-id: str # Identifies the Snyk client interaction in which this API request occurs. The identifier is an opaque string. though at the time of writing it may either be a uuid or a urn containing a uuid and some metadata.} @returns(200) Successful API response with a single resource @errors {400: Invalid input} @endpoint GET /orgs/{org_id}/tests/{test_id}/findings @desc List findings for a test. (Early Access) @required {org_id: str(uuid) # Snyk Org ID under which to run or query information about a Job or Test., test_id: str(uuid) # Test ID returned from the Test API to query.} @optional {snyk-request-id: str(uuid) # A unique ID assigned to each API request, for tracing and troubleshooting. Snyk clients can optionally provide this ID., snyk-interaction-id: str # Identifies the Snyk client interaction in which this API request occurs. The identifier is an opaque string. though at the time of writing it may either be a uuid or a urn containing a uuid and some metadata., starting_after: str # Opaque pagination cursor for forward traversal., ending_before: str # Opaque pagination cursor for reverse traversal., limit: int(int8)=10 # The number of items to return.} @returns(200) Successful API response for a paginated collection. @errors {400: Invalid input} @endpoint GET /orgs/{org_id}/users/{id} @desc Get user by ID (Early Access) @required {org_id: str(uuid) # The id of the org, id: str(uuid) # The id of the user} @returns(200) User details @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @group self @endpoint GET /self @desc My User Details @returns(200) Current user is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /self/access_requests @desc Get access requests (Early Access) @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, org_id: [str(uuid)] # The IDs of the org to filter by} @returns(200) A list of access requests are returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /self/apps @desc Get a list of Snyk Apps that can act on your behalf @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of apps install that can act on your behalf @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /self/apps/installs @desc Get a list of Snyk Apps installed for a user @optional {expand: [str] # Expand relationships., starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) A list of apps installed for the specified organization. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /self/apps/installs/{install_id} @desc Revoke a Snyk App by install ID @required {install_id: str(uuid) # Install ID} @returns(204) The Snyk App install is revoked, with no content (no errors). @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /self/apps/{app_id} @desc Revoke a Snyk App by app ID @required {app_id: str(uuid) # App ID} @returns(204) Access to the Snyk App is revoked, with no content (no errors). @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /self/apps/{app_id}/sessions @desc Get a list of active OAuth sessions by app ID @required {app_id: str(uuid) # App ID} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Attributes identifying the active OAuth sessions. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /self/apps/{app_id}/sessions/{session_id} @desc Revoke the Snyk App session of an active user @required {app_id: str(uuid) # App ID, session_id: str(uuid) # Session ID} @returns(204) The user app sessions has been revoked. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /self/personal_access_tokens @desc List personal access tokens @optional {ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, starting_after: str # Return the page of results immediately after this cursor} @returns(200) Return the personal access tokens associated with the calling principal @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /self/personal_access_tokens/{personal_access_token_id} @desc Deletes a personal access token @required {personal_access_token_id: str(ulid) # The personal access token id} @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @group tenants @endpoint GET /tenants @desc Get a list of all accessible Tenants @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a list of tenants. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id} @desc Get a single Tenant by ID @required {tenant_id: str(uuid) # Unique identifier for tenant} @returns(200) Returns an instance of a tenant. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id} @desc Update tenant @required {tenant_id: str(uuid) # Unique identifier for tenant} @returns(200) Instance of tenant is updated @returns(204) The operation completed successfully with no content @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/brokers/connections/{connection_id}/integrations @desc Get Integrations using the current Broker connection @required {tenant_id: str(uuid) # Tenant ID, connection_id: str(uuid) # Connection ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a list of Integration IDs @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint POST /tenants/{tenant_id}/brokers/connections/{connection_id}/orgs/{org_id}/integration @desc Creates Broker connection Integration Configuration @required {tenant_id: str(uuid) # Tenant ID, connection_id: str(uuid) # Connection ID, org_id: str(uuid) # Org ID} @returns(201) Configured integrations to use broker connection successfully @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 403: Forbidden: the request requires an authentication token with more or different permissions. Review token permissions and try again. See [PAT permissions](https://support.snyk.io/hc/en-us/articles/4410967220765-How-to-check-if-a-personal-access-token-has-the-correct-permissions)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint DELETE /tenants/{tenant_id}/brokers/connections/{connection_id}/orgs/{org_id}/integrations/{integration_id} @desc Deletes an Integration for a Broker connection @required {tenant_id: str(uuid) # Tenant ID, connection_id: str(uuid) # Connection ID, org_id: str(uuid) # Org ID, integration_id: str(uuid) # Integration ID} @returns(204) Broker connection integration was deleted @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 403: Forbidden: the request requires an authentication token with more or different permissions. Review token permissions and try again. See [PAT permissions](https://support.snyk.io/hc/en-us/articles/4410967220765-How-to-check-if-a-personal-access-token-has-the-correct-permissions)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint GET /tenants/{tenant_id}/brokers/deployments @desc List Broker deployments for tenant @required {tenant_id: str(uuid) # Tenant ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of Broker deployments by install ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/connections/{connection_id}/contexts @desc List Connection contexts @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, connection_id: str(uuid) # Connection ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of broker contexts by connection ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/brokers/installs/{install_id}/contexts/{context_id} @desc Deletes broker context @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, context_id: str(uuid) # Context ID} @returns(204) Broker context was deleted @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/contexts/{context_id} @desc List Connection context @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, context_id: str(uuid) # Context ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the broker context by context ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/brokers/installs/{install_id}/contexts/{context_id} @desc Updates Broker Context @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, context_id: str(uuid) # Context ID} @returns(200) Updates an existing Broker Context @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/brokers/installs/{install_id}/contexts/{context_id}/integration @desc Updates an integration to be associated with a Broker context @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, context_id: str(uuid) # Context ID} @returns(200) Broker context assocation with a connection integration was created @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/brokers/installs/{install_id}/contexts/{context_id}/integrations/{integration_id} @desc Deletes the Broker context association with an Integration @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, context_id: str(uuid) # Context ID, integration_id: str(uuid) # Integration ID} @returns(204) Broker context assocation with a connection integration was deleted @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments @desc List Broker deployments @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of Broker deployments by install ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /tenants/{tenant_id}/brokers/installs/{install_id}/deployments @desc Creates Broker Deployment @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID} @returns(201) Created broker deployment successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id} @desc Deletes Broker deployment @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @returns(204) Returns an empty response @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id} @desc Updates Broker deployment @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @returns(200) Updates an existing Broker deployment by install ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections @desc Deletes Broker connections @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @returns(204) All Broker connections were deleted @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections @desc List Broker connections @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of Broker connections by deployment ID @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint POST /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections @desc Creates Broker connection @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @returns(201) Created broker connection successfully @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint DELETE /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections/{connection_id} @desc Deletes Broker connection @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID, connection_id: str(uuid) # Connection ID} @returns(204) Broker connection was deleted @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections/{connection_id} @desc Get Broker connection @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID, connection_id: str(uuid) # Connection ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a Broker connection @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint PATCH /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections/{connection_id} @desc Updates Broker connection @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID, connection_id: str(uuid) # Connection ID} @returns(200) Updates an existing Broker connection for an deployment @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 401: Unauthorized: the request requires an authentication token. See [Revoke and regenerate a Snyk API token](https://docs.snyk.io/snyk-api/rest-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token)., 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections/{connection_id}/bulk_migration @desc List organizations for bulk migration @required {connection_id: str(uuid) # Connection ID, deployment_id: str(uuid) # Deployment ID, install_id: str(uuid) # Install ID, tenant_id: str(uuid) # Tenant ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a list of organization IDs for the bulk migration @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint POST /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/connections/{connection_id}/bulk_migration @desc Performs bulk migration integrations to universal broker @required {connection_id: str(uuid) # Connection ID, deployment_id: str(uuid) # Deployment ID, install_id: str(uuid) # Install ID, tenant_id: str(uuid) # Tenant ID} @returns(201) The bulk migration process was started @errors {400: Bad Request: one or more parameters are invalid. Check the input to match the expected format. See [Snyk API](https://docs.snyk.io/snyk-api), 404: Not Found: The resource you are trying to access could not be found. Review the request and try again., 500: Internal Server Error: An unexpected error was encountered while attempting to process the request. Try again. If the error still occurs, contact support.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/contexts @desc List Deployment contexts @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of broker contexts by deployment ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/contexts @desc Create broker Context @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @returns(201) Created Broker Context successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/credentials @desc List Deployment credentials @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns the list of deployment credentials by ID @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/credentials @desc Create deployment credential @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID} @returns(201) Created Deployment credential successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/credentials/{credential_id} @desc Deletes Deployment credential @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID, credential_id: str(uuid) # Credential ID} @returns(204) Deployment credential was deleted @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/credentials/{credential_id} @desc Get Deployment credential @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID, credential_id: str(uuid) # Credential ID} @optional {ending_before: str # Return the page of results immediately before this cursor, starting_after: str # Return the page of results immediately after this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns a Deployment credential @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/brokers/installs/{install_id}/deployments/{deployment_id}/credentials/{credential_id} @desc Updates Deployment credential @required {tenant_id: str(uuid) # Tenant ID, install_id: str(uuid) # Install ID, deployment_id: str(uuid) # Deployment ID, credential_id: str(uuid) # Credential ID} @returns(200) Updates an existing Deployment credential for an deployment @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets @desc List or search all assets (synchronous) (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant} @optional {filter: str # RSQL filter expression for filtering results. See schema for full documentation., sort: str # Comma-separated sort fields. Prefix with `-` for descending order. **Supported fields:** - `created_at` - Asset creation timestamp - `updated_at` - Asset last update timestamp - `type` - Asset type (container_images) - `class` - Asset class - `risk_score` - Asset risk score (max across project sources) - `issues` - Issue counts by severity (critical, high, medium, low) - `built_at` - Image build timestamp (container images only) - `last_scan` - Last scan timestamp, limit: int=10 # Number of results to return per page, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection., meta_count: str(with/only) # Provide summary count in the response meta object when requested. When `with` is provided, the count will be included in the response meta object. When `only` is provided, the count will be included in the response meta object and no data will be returned.} @returns(200) Successful response with a polymorphic list of assets @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/inventory/assets @desc Bulk update asset attributes (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant} @returns(204) Assets updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/filters @desc Get available filter fields (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant} @optional {asset_types: str # Comma-separated list of asset types to filter the available filter fields, limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results} @returns(200) List of available filter fields @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/filters/{filter_id}/values @desc Get filter value suggestions (autocomplete) (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, filter_id: str(uuid) # The UUID of the filter field to get values for (from the filter fields list endpoint)} @optional {q: str # Full text search term to filter the list of values. If keys_only is true, this will filter the keys of the object filter values. If key is provided, this will filter the value for the specific key of the object filter values., limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, keys_only: bool # Return only the keys of the object filter values, key: str # Return only the value for a specific key of the object filter values} @returns(200) List of filter values @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/groups @desc Get available group fields (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant} @optional {asset_types: str # Comma-separated list of asset types to filter the available group fields, limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results} @returns(200) List of available group fields @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/groups/{group_field_id}/values @desc Get group value aggregation (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, group_field_id: str(uuid) # The UUID of the group field to get values for (from the group fields list endpoint)} @optional {asset_types: str # Comma-separated list of asset types to filter the aggregation, filter: str # RSQL filter expression for filtering which assets are included in aggregation. Supports the same syntax as the main search filter including full text search with the `q` field. See the RsqlFilterString schema for complete documentation., sort: str # Comma-separated sort fields for group values. Prefix with `-` for descending order. Multiple sort fields are supported (e.g., `-issues,count`). Defaults to `count` (ascending) when not specified. Results are always tie-broken by `value` for deterministic ordering. Available sort fields: - `value` - Sort by the group value string (alphabetical) - `count` - Sort by the number of assets in each group - `last_seen_at` - Sort by the aggregated last_seen_at timestamp - `updated_at` - Sort by the aggregated updated_at timestamp - `risk_score` - Sort by the aggregated risk score - `issues` - Sort by issue severity (critical → high → medium → low), limit: int=10 # Number of results to return, starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, meta_fields: [str] # Meta fields to include in the response. Multiple fields can be specified. Available fields: - `count` - Number of assets with this value - `last_seen_at` - Aggregated last_seen_at timestamp (default aggregation: last) - `updated_at` - Aggregated updated_at timestamp (default aggregation: last) - `risk_score` - Aggregated risk score from discovery sources (default aggregation: last) - `issues` - Aggregated issue counts (critical, high, medium, low, total) (default aggregation: last) - `labels` - Labels across assets (default aggregation: last) - `tags` - Tags across assets (default aggregation: last) - `all` - Include all available meta fields All fields default to the `last` aggregation function, which returns the value from the asset with the most recent updated_at in the group. Use the `aggregate` parameter to override the aggregation function per field. If not specified, the meta object is not included in the response. Note: Requesting meta fields may impact response time as aggregations require additional computation., aggregate: map # Per-field aggregate function override for meta fields. All fields default to `last` when not specified. `max`/`min` compute the SQL MAX/MIN across all assets in the group (scalar fields only). `first`/`last` returns the value from the single asset with the earliest/latest updated_at in the group (all field types). `sum` computes the total across all assets (numeric fields, issues, labels, tags).} @returns(200) List of group values with aggregated metadata @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /tenants/{tenant_id}/inventory/assets/searches @desc Create an asset search (asynchronous) (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant} @errors {302: Found - Redirects to search results endpoint, 400: Bad Request: A parameter provided as a part of the request was invalid., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/searches/{search_id}/results @desc Retrieve asset search results (asynchronous) (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, search_id: str(uuid) # The unique identifier of the search operation} @optional {sort: str # Comma-separated sort fields. Prefix with `-` for descending order. **Supported fields:** - `created_at` - Asset creation timestamp - `updated_at` - Asset last update timestamp - `type` - Asset type (container_images) - `class` - Asset class - `risk_score` - Asset risk score (max across project sources) - `issues` - Issue counts by severity (critical, high, medium, low) - `built_at` - Image build timestamp (container images only) - `last_scan` - Last scan timestamp, limit: int=10 # Number of results to return, starting_after: str # Cursor for next page, ending_before: str # Cursor for previous page, fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection.} @returns(200) Search results retrieved successfully @errors {404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/{asset_id} @desc Get a single asset by ID (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, asset_id: str(uuid) # The unique identifier of the asset} @optional {fields: map # Sparse fieldsets allow clients to request only specific fields for a given resource type. Use the format `fields[]=field1,field2` where `` is the JSON:API resource type. **Container image fields** (use with `fields[container_images]`): - `class` - Classification of the asset - `registry` - Container registry hostname - `repository` - Repository path - `config_digest` - Image config digest - `distribution_digests` - Distribution digests (manifest/index pairs) - `image_tags` - Distinct image tags across all discovery sources - `built_at` - When the image was built - `size_bytes` - Size of the image in bytes - `author` - Image author - `architecture` - CPU architecture - `os` - Operating system - `variant` - CPU architecture variant - `os_version` - Operating system version - `os_features` - OS features - `config` - Image runtime configuration (OCI config) - `root_fs` - Root filesystem information - `history` - Image build history - `inferred_base_images` - Inferred base images - `teams` - Teams associated with the asset - `labels` - Labels associated with the asset - `tags` - Key-value tags for the asset - `risk_score` - Risk score for the asset - `test_surfaces` - Test surfaces for the asset - `issues` - Issue counts by severity - `created_at` - When the asset was created - `updated_at` - When the asset was last updated - `last_scan` - When the asset was last scanned - `scan_engines` - Scan engines applied to the asset Note: `type` and `id` are always included regardless of field selection.} @returns(200) Asset retrieved successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/inventory/assets/{asset_id} @desc Update asset attributes (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, asset_id: str(uuid) # The unique identifier of the asset} @returns(200) Asset updated successfully @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/{asset_id}/relationships/projects @desc List projects for an asset (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, asset_id: str(uuid) # The unique identifier of the asset} @optional {starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, limit: int=10 # Maximum number of results to return per page, canonical: str(with/only/none) # Filter projects by canonical status. - `with`: Returns all projects (canonical attribute is populated). - `only`: Returns only canonical projects (those used for vulnerability counts). - `none`: Returns only non-canonical projects. When omitted, returns all projects without canonical filtering., target_id: str(uuid) # Filter projects by target ID. When provided, returns only projects that belong to the specified target. When omitted, returns projects from all targets.} @returns(200) Successfully retrieved linked projects @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/inventory/assets/{asset_id}/relationships/targets @desc List targets for an asset (Early Access) @required {tenant_id: str(uuid) # The unique identifier of the tenant, asset_id: str(uuid) # The unique identifier of the asset} @optional {starting_after: str # Cursor for fetching the next page of results, ending_before: str # Cursor for fetching the previous page of results, limit: int=10 # Maximum number of results to return per page} @returns(200) Successfully retrieved linked targets @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/memberships @desc Get all memberships of the tenant (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant.} @optional {starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page, sort_by: str(username/user_display_name/email/login_method/role_name) # Which column to sort by., sort_order: str(ASC/DESC)=ASC # Order in which results are returned., email: str # Filter the response by Users that match the provided email, user_id: str(uuid) # Filter the response by Users that match the provided user ID, name: str # Filter the response by Users that match the provided name, username: str # Filter the response by Users that match the provided username, connection_type: str # Filter the response by Users that match the provided connection type, role_name: str # Filter the response for results only with the specified role.} @returns(200) List of tenant memberships is returned @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/memberships/{membership_id} @desc Delete an individual tenant membership for a single user. (Early Access) @required {membership_id: str(uuid) # Unique identifier of the tenant membership., tenant_id: str(uuid) # Unique identifier of the tenant.} @returns(204) successfully deleting an individual membership for a single user @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/memberships/{membership_id} @desc Update tenant membership (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant., membership_id: str(uuid) # Unique identifier of the tenant membership.} @returns(204) successfully updated the tenant membership @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/roles @desc List all available roles for a given tenant (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant.} @optional {name: str # Role name filter., custom: bool # Whether role is custom or not., assignable_by_me: bool # When true, only return roles that the current user can assign to others in the tenant., expand_permissions: bool=false # option to show all permission types, starting_after: str # Return the page of results immediately after this cursor, ending_before: str # Return the page of results immediately before this cursor, limit: int(int32)=10 # Number of results to return per page} @returns(200) Returns an array of roles that are the roles on a Tenant. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint POST /tenants/{tenant_id}/roles @desc Create a custom tenant role for a given tenant (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant.} @returns(201) Tenant role successfully created. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint DELETE /tenants/{tenant_id}/roles/{role_id} @desc Delete a specific tenant role by its id and its tenant id. (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant., role_id: str(uuid) # Unique identifier of the role.} @returns(204) Tenant role successfully deleted. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint GET /tenants/{tenant_id}/roles/{role_id} @desc Return a specific role by its id and its tenant id. (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant., role_id: str(uuid) # Unique identifier of the role.} @optional {has_users_assigned: bool=false # returns current memberships of the role in the meta relationships section} @returns(200) Returns the requested role. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endpoint PATCH /tenants/{tenant_id}/roles/{role_id} @desc Update a specific tenant role by its id and its tenant id. (Early Access) @required {tenant_id: str(uuid) # Unique identifier of the tenant., role_id: str(uuid) # Unique identifier of the role.} @optional {force: bool # flag to force the update of a role, required if users are assigned to the role} @returns(200) Returns the updated role. @errors {400: Bad Request: A parameter provided as a part of the request was invalid., 401: Unauthorized: the request requires an authentication token., 403: Forbidden: the request requires an authentication token with more or different permissions., 404: Not Found: The resource being operated on could not be found., 409: Conflict: The requested operation conflicts with the current state of the resource in some way., 500: Internal Server Error: An error was encountered while attempting to process the request.} @endgroup @end