Powered by Redocly

Inventory API

Create Inventory Item

Use this API to create an inventory item for a given project (identified by its projectId). The inventory’s name and type are mandatory parameters.

Request
header Parameters
Authorization
required
string
Default:
Example: Bearer JWT_Token
Request Body schema: application/json
projectId
required
integer <int32> >= 1

projectId

object (InventoryModel)
Responses
201

Created

400

Bad Request

401

Unauthorized

500

Internal Server Error

post/inventories
Request samples
application/json
{
  • "projectId": "1",
  • "inventoryModel": {
    }
}

Get the Inventories of File/Folder IDs

This API retrieves the inventory items associated with one or more codebase files (and/or codebase folders) that you specify for a given project (identified by its projectId).

You must specify each file or folder by its fileId or folderId, respectively. To obtain these Ids, use the Get ID of File or Folder API (/projects/{projectId}/files).

Request
query Parameters
projectId
required
integer <int32>

ID of the Project

Example: projectId=1
fileIds
string

Provide list of file ids

folderIds
string

Provide list of folder ids

published
string

If true, then only published inventory items are returned; if false, then only unpublished inventory items are returned

Example: published=true | false
limit
integer <int32>
Default: 25

Page Size. Number Of Records to fetch per page

Example: limit=1 | default: 25
offset
integer <int32>
Default: 1

Page Number. Index of the page to start with(starts from 1)

Example: offset=1 | default: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/inventories/search
Response samples
application/json
{ }

Get Details of an Inventory Item

This API returns details about a given inventory item (identified by its inventoryId). You can choose to display or hide information about the security vulnerabilities associated with the inventory item.

To obtain the inventoryId for an inventory item, use the Get the Inventories of File/Folder IDs API (inventories/search).

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
query Parameters
skipVulnerabilities
boolean
Default: false

If true, hide vulnerabilty details.

header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/inventories/{inventoryId}

Update Inventory

Use this API to update attributes for an inventory (identified by its inventoryId).

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json
name
string [ 1 .. 255 ] characters

name

description
string

description

url
string(@)?(href=')?(HREF=')?(HREF=")?(href=")?(http...

url

disclosed
stringYES|NO

disclosed

Enum: "YES" "NO"
distribution
stringUNKNOWN|INTERNAL|EXTERNAL|HOSTED

distribution

Enum: "UNKNOWN" "INTERNAL" "EXTERNAL" "HOSTED"
partOfProduct
stringUNKNOWN|YES|NO

partOfProduct

Enum: "UNKNOWN" "YES" "NO"
linking
stringUNKNOWN|NOT_LINKED|STATIC|DYNAMIC

linking

Enum: "UNKNOWN" "NOT_LINKED" "STATIC" "DYNAMIC"
modified
stringUNKNOWN|YES|NO

modified

Enum: "UNKNOWN" "YES" "NO"
encryption
stringUNKNOWN|YES|NO

encryption

Enum: "UNKNOWN" "YES" "NO"
auditorReviewNotes
string

auditorReviewNotes

noticeText
string

noticeText

usageGuidance
string

usageGuidance

remediationNotes
string

remediationNotes

confidenceLevel
stringHIGH|MEDIUM|LOW

confidenceLevel

Enum: "HIGH" "MEDIUM" "LOW"
inventoryType
stringCOMPONENT|LICENSE|WORK_IN_PROGRESS

inventoryType

object (component)
licenseId
string

licenseId

workflowURL
string

workflowURL

invProvenanceId
integer <int32> >= 1

invProvenanceId

Array of objects (CustomFieldModel)

customFields

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/inventories/{inventoryId}
Request samples
application/json
{
  • "name": "maven-artifact 3.6.1 (Apache-2.0)",
  • "description": "Sources: scm:git:https://git-wip-us.apache.org/repos/asf/maven.git",
  • "url": "https://repo1.maven.org/maven2/org/apache/maven/maven-artifact",
  • "disclosed": "YES | NO",
  • "distribution": "UNKNOWN | INTERNAL | EXTERNAL | HOSTED",
  • "partOfProduct": "UNKNOWN | YES | NO",
  • "linking": "UNKNOWN | NOT_LINKED | STATIC | DYNAMIC",
  • "modified": "UNKNOWN | YES | NO",
  • "encryption": "UNKNOWN | YES | NO",
  • "auditorReviewNotes": "string",
  • "noticeText": "string",
  • "usageGuidance": "string",
  • "remediationNotes": "string",
  • "confidenceLevel": "HIGH | MEDIUM | LOW default: HIGH",
  • "inventoryType": "COMPONENT | LICENSE | WORK_IN_PROGRESS",
  • "component": {
    },
  • "licenseId": "158",
  • "workflowURL": "SVM-123 | https://www.example.com | default: None",
  • "invProvenanceId": "1",
  • "customFields": [
    ]
}

Delete Inventory

Use this API to delete an inventory item (identified by its inventoryId).

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

delete/inventories/{inventoryId}

Add Files and/or Folders to Inventory Item

Use this API to add associated files (individually or at folder-path level) to an inventory item (identified by its inventoryId). You can choose to mark all the newly added files as reviewed.

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

To add files and folders to the inventory item, provide file and folder paths.

filePaths
Array of strings

filePaths

folderPaths
Array of strings

folderPaths

markAssociatedFilesAsReviewed
boolean
Default: false

markAssociatedFilesAsReviewed

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/inventories/{inventoryId}/files
Request samples
application/json
{
  • "filePaths": [
    ],
  • "folderPaths": [
    ],
  • "markAssociatedFilesAsReviewed": "false"
}
Response samples
application/json
{ }

Get History of an Inventory Item

This API retrieves the revision history for a given inventory item (identified by its inventoryId). Note that the response groups all historical revisions by revision ID (based on the revision timestamp).

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
query Parameters
limit
integer <int32>
Default: 25

Page Size. Number Of Records to fetch per page

Example: limit=1 | default: 25
offset
integer <int32>
Default: 1

Page Number. Index of the page to start with(starts from 1)

Example: offset=1 | default: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/inventories/{inventoryId}/history
Response samples
application/json
"string"

Update Notices Text

Update notices text for the given inventory item.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
query Parameters
overwrite
boolean
Default: false

If true, overwrite notices text.

header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/inventories/{inventoryId}/notices

Publish Inventory Item

Use this API to publish a given inventory item (identified by its inventoryId).

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/inventories/{inventoryId}/publish
Response samples
application/json
"string"

Recall Inventory Item

Use this API to recall a published inventory item (that is, unpublish it). A recalled inventory item is removed from the Project Inventory tab, but it remains in the Analysis Workbench with an “unpublished” status, indicating that it requires further auditing.

You must identify the item that you want to recall by its inventoryId. If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/inventories/{inventoryId}/recall
Response samples
application/json
"string"

Inventory Item Status

Use this API to update that status of a published inventory item (identified by its inventoryId) in Project Inventory to DRAFT (not reviewed), APPROVED, or REJECTED.

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

The approval or rejection of an inventory item impacts Manual Inventory Review tasks associated with the item. When an inventory item is approved, its Manual Inventory Review tasks are closed with an Approved status. When an inventory item is rejected, its Manual Inventory Review tasks are closed with a Rejected status and a Remediate Inventory task is created. A change to inventory status does not impact Remediation and Miscellaneous tasks associated with the inventory item.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
query Parameters
status
required
string
Default: "DRAFT"
Enum: "DRAFT" "APPROVED" "REJECTED"
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

put/inventories/{inventoryId}/status

Get vulnerability Details of an Inventory Item

This API returns details about each security vulnerability associated with a given inventory item (identified by its inventoryId).

If necessary, use the Get the Inventories of File/Folder IDs API (inventories/search) to obtain the inventoryId.

Request
path Parameters
inventoryId
required
integer <int32>

ID of the Inventory

Example: 1
query Parameters
limit
integer <int32>
Default: 25

Page size. Number of records to fetch per page.

Example: limit=1 | default: 25
offset
integer <int32>
Default: 1

Page number. Index of the page to start with (starts from 1).

Example: offset=1 | default: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/inventories/{inventoryId}/vulnerabilities
➔ Next to Project API