Project API

Export Project Data

Use this API to export project data from a given project (identified by its projectId). Only Project Administrators and Analysts can execute this API.

The Try It feature is not available for this API. However, you can test the API using conventional REST API clients such as Postman or cURL. When calling this API from a REST client, run a curl command in the following format. (Note that you must redirect the output to a ZIP file, as shown in the command format.)

curl -X GET "http://{HOST}:{PORT}/codeinsight/api/project/exportProjectData?projectId={PROJECT_ID}" -H "accept: application/json" -H "Authorization: Bearer {JWT_TOKEN}" > export.zip
Request
query Parameters
projectId
required
integer <int32>

ID of the Project

Example: projectId=1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: No project named x

get/project/exportProjectData
Response samples
application/json
{ }

Get Project ID

This API returns the projectId for a given project. The project’s name is required to retrieve the ID.

Request
query Parameters
projectName
required
string

Name of the Project

Example: projectName=eportal
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: The project name entered was not found

get/project/id
Response samples
application/json
0

Get Project Inventory

This API retrieves a list of inventory items and their details for a given project (identified by its inventoryId). You have the option to hide all inventory information. Additionally, you can filter the list by several project attributes.

All project users are permitted to use this API to view project inventory, including that of private projects.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: 1
query Parameters
skipVulnerabilities
boolean
Default: false

If true, hide vulnerability details in the response.

published
string
Default: "true"

If true, then only published inventory items are returned; if false, then only not-published inventory items are returned

Example: published=true | default: true
vendor
string

CPE Vendor name

Example: vendor=gnu
product
string

CPE Product name

Example: product=zlib
size
integer <int32>
Default: 100

Page size. Number of records to fetch per page.

Example: size=1 | default: 100
page
integer <int32>
Default: 1

Page number. Index of the page to start with (starts from 1).

Example: page=1 | default: 1
reviewStatus
string

Return only items with the selected reviewStatus. For example, if reviewStatus is APPROVED, then only APPROVED items are returned.

Enum: "READY_TO_REVIEW" "DRAFT" "APPROVED" "REJECTED"
Example: reviewStatus=APPROVED
alerts
string

Return items based on the alert status selected. If the alert status selected is OPEN, then only open alerts are returned.

Enum: "OPEN" "CLOSED" "ANY"
Example: alerts=OPEN
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: The project Id entered was not found

get/project/inventory/{projectId}
Response samples
application/json
{
  "name": "git",
  "priority": { },
  "id": "1",
  "owner": "antlr",
  "workflowURL": "string",
  "closedVulnerabilityAlerts": [ ],
  "openVulnerabilityAlerts": [ ],
  "vulnerabilityAlerts": [ ],
  "asFoundLicenseText": "Sample from file LICENSE.txt in file ePortal-2.0",
  "repositoryItem": { },
  "parentGroupId": 0,
  "autoStatus": "DRAFT",
  "links": [ ],
  "publishedDate": "2017-10-24 13:04:26.0",
  "usageText": "usage",
  "priorityId": 0,
  "encrypted": "Unknown",
  "createDate": "2017-09-11 12:13:09.0",
  "distributed": "Unknown",
  "updateDate": "2017-10-24 13:04:26.0",
  "description": "Description",
  "status": "UNUSED0",
  "projectId": "1",
  "provenanceId": 0,
  "confidence": "1",
  "inventoryType": "WORK_IN_PROGRESS",
  "fileCount": "2000",
  "published": "True",
  "disclosed": "True",
  "partOfProduct": "Unknown",
  "linking": "Unknown",
  "noticeText": "Notice text",
  "modified": "Unknown",
  "license": { },
  "statusPolicyId": 0,
  "rejectedByUpdate": false,
  "systemGenerated": "True",
  "autoDetectionNotes": "Note",
  "associatedComponent": { },
  "associatedLicense": { },
  "remediationNotes": "update this immediately",
  "auditorReviewNotes": "good to go",
  "associatedComponentVersion": { }
}

Get Scan Status

This API returns the status for the scan just run using the Project Scan API (scanResource/projectScan/{projectId}). To obtain the scan status, provide the taskId contained in the output of the Project Scan API.

Request
path Parameters
taskId
required
integer <int32>

ID of the project scan task

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

SCHEDULED | ACTIVE | TERMINATED | FAILED | COMPLETED

400

Bad request: The task Id entered was not found

get/project/scanStatus/{taskId}
Response samples
application/json
"NEW"

Upload Project Files

Use this API to upload and extract the archived codebase for a project (identified by its projectId). Note the following:

  • The maximum upload size is 10GB.
  • Upload files with zip, tar, tar.gz, and 7z extensions only. Do not upload .gz files directly, as the results might not be as expected. You must archive these compressed files in a tar file before performing the upload.
  • Only Project Administrators and Analysts can upload a codebase to a project.

The Try It feature is not available for this API. However, you can test the API using conventional REST API clients such as Postman or cURL. When calling the API from a REST client, run a curl command in the following format:

curl -X POST "http://{HOST}:{PORT}/codeinsight/api/project/uploadProjectCodebase?projectId={PROJECT_ID}&deleteExistingFileOnServer=true&expansionLevel=1" -H "accept: application/json" -H "Authorization: Bearer {JWT_TOKEN}" -H "content-type: application/octet-stream" --data-binary "@path/{filename}.[zip|tar|tar.gz|7z]"
Request
query Parameters
projectId
required
integer <int32>

ID of the project.

Example: projectId=1
deleteExistingFileOnServer
boolean
Default: false

Delete existing files on server. By deleting existing files on the server, all existing project codebase files will be permanently removed from the scan server. If you rescan the project without replacing these files via a new upload, the scan results for the removed files will be permanently deleted.

expansionLevel
integer <int32>

Codebase expansion level for the project:

  • 1: None
  • 2: First level
  • 3: Recursive level

If the expansionLevel parameter is not provided, the codebase will get extracted as None by default.

Example: expansionLevel=1,2,3 | default: 1
deleteArchiveAfterExpand
boolean
Default: false

Delete inner archives after expansion

archiveDirSuffix
string

Suffix to be added to the expanded folder. Value cannot be more than 20 characters and cannot contain the following special characters: / : * ? " < > | \0

Example: archiveDirSuffix=Eg : _Expanded
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/octet-stream

Zipped codebase to scan

object (InputStream)
Responses
200

OK

400

Bad Request

500

Internal Server Error

post/project/uploadProjectCodebase
Response samples
application/json
"string"
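
The limits listed for this upload call can be checked on the client before any bytes are sent. The following is an added example, not Code Insight's own code; the helper names and the codeinsight.example.test host are hypothetical, "10GB" is read as 10 GiB, and "\0" in the suffix rule is read as the NUL character.

```python
import os
from urllib.parse import urlencode

# Limits taken from the parameter descriptions above.
ALLOWED_SUFFIXES = (".tar.gz", ".zip", ".tar", ".7z")
MAX_UPLOAD_BYTES = 10 * 1024 ** 3        # assumption: "10GB" read as 10 GiB
EXPANSION_LEVELS = {1: "None", 2: "First level", 3: "Recursive level"}
SUFFIX_MAX_LEN = 20
SUFFIX_FORBIDDEN = set('/:*?"<>|\0')     # assumption: "\0" is the NUL character


class UploadRequestError(ValueError):
    """The request would violate a documented constraint."""


def archive_suffix(filename):
    """Return the allowed extension that filename ends with, or raise."""
    name = os.path.basename(filename).lower()
    for suffix in ALLOWED_SUFFIXES:
        if name.endswith(suffix) and len(name) > len(suffix):
            return suffix
    if name.endswith(".gz"):
        # The page warns that bare .gz uploads give unexpected results.
        raise UploadRequestError("bare .gz upload: archive it in a tar file first")
    raise UploadRequestError(f"unsupported archive type: {name!r}")


def check_dir_suffix(value):
    """Validate archiveDirSuffix against the length and character rules."""
    if len(value) > SUFFIX_MAX_LEN:
        raise UploadRequestError("archiveDirSuffix is longer than 20 characters")
    bad = sorted(SUFFIX_FORBIDDEN.intersection(value))
    if bad:
        raise UploadRequestError(f"archiveDirSuffix contains forbidden {bad!r}")
    return value


def build_upload_url(base_url, project_id, filename, size_bytes, *,
                     expansion_level=1, delete_existing=False,
                     delete_archive_after_expand=False, archive_dir_suffix=None):
    """Return the uploadProjectCodebase URL, or raise UploadRequestError."""
    if (isinstance(project_id, bool) or not isinstance(project_id, int)
            or not -2 ** 31 <= project_id < 2 ** 31):
        raise UploadRequestError("projectId must be an int32")
    archive_suffix(filename)
    if size_bytes > MAX_UPLOAD_BYTES:
        raise UploadRequestError("archive exceeds the maximum upload size")
    if expansion_level not in EXPANSION_LEVELS:
        raise UploadRequestError("expansionLevel must be 1, 2 or 3")
    params = {
        "projectId": project_id,
        # Permanently removes codebase files on the scan server, so the
        # caller has to opt in explicitly; it is never implied.
        "deleteExistingFileOnServer": str(bool(delete_existing)).lower(),
        "expansionLevel": expansion_level,
        "deleteArchiveAfterExpand": str(bool(delete_archive_after_expand)).lower(),
    }
    if archive_dir_suffix is not None:
        params["archiveDirSuffix"] = check_dir_suffix(archive_dir_suffix)
    # urlencode percent-encodes every value, so nothing in the suffix can
    # add or override a query parameter.
    return f"{base_url.rstrip('/')}/project/uploadProjectCodebase?{urlencode(params)}"


if __name__ == "__main__":
    base = "http://codeinsight.example.test:8888/codeinsight/api"  # constructed host
    print(build_upload_url(base, 1, "src.tar.gz", 4096,
                           expansion_level=3, archive_dir_suffix="_Expanded"))
    for name in ("src.gz", "src.rar"):
        try:
            build_upload_url(base, 1, name, 4096)
        except UploadRequestError as err:
            print("rejected:", err)
```
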

Get Projects

This API returns a list of all projects in Code Insight. The data returned for each project includes the project ID, name, owner, and status.

Request
query Parameters
offset
integer <int32>
Default: 1

Index of the page to start with.

Example: offset=1 | default: 1
limit
integer <int32>
Default: 25

Number of records to fetch.

Example: limit=25 | default: 25
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/projects

Create Project

Creates a project for the given input, updates project custom field values, and returns the projectId with a success message.

Request
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

To create a project, the projectName field is required and other fields are optional. If the optional fields are left blank, the "Project Default" values are applied for them.

NOTE: For folderName, passing entire folder path like folder1/folder2 is not supported.

name
required
string

name

description
string

description

folderName
string

folderName

policyProfileName
string

policyProfileName

scanProfileName
string

scanProfileName

autoPublish
boolean
Default: false

autoPublish

markAssociatedFilesAsReviewed
boolean
Default: false

markAssociatedFilesAsReviewed

owner
string

owner

risk
string (HIGH|MEDIUM|LOW)

risk

Enum: "HIGH" "MEDIUM" "LOW"
privateProject
boolean
Default: false

privateProject

scanServerAlias
string

scanServerAlias

deleteEmptyInventory
boolean
Default: false

deleteEmptyInventory

doNotPublishInventoryUnknownLicense
boolean
Default: false

doNotPublishInventoryUnknownLicense

folderId
integer <int32>
Array of objects (CustomFieldModel)

customFields

Responses
201

Created

400

Bad Request

401

Unauthorized

500

Internal Server Error

post/projects
Request samples
application/json
{
  "name": "eportal",
  "description": "description",
  "folderName": "Projects",
  "policyProfileName": "Default License Policy Profile",
  "scanProfileName": "Basic Scan Profile (Without CL)",
  "autoPublish": "true",
  "markAssociatedFilesAsReviewed": "true",
  "owner": "admin",
  "risk": "HIGH | default: MEDIUM",
  "privateProject": "false",
  "scanServerAlias": "null",
  "deleteEmptyInventory": "false",
  "doNotPublishInventoryUnknownLicense": "true",
  "folderId": "1",
  "customFields": [ ]
}

Upload Report

Use this API to upload and extract the zip file for a custom report for a project.

curl -H "Authorization: Bearer %jwt%" --form projectId=%projectId% --form reportId=%reportId% --form file=@"pdf_reports.zip" http://localhost:8888/codeinsight/api/projects/uploadReport
Request
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/uploadReport
Response samples
application/json
"string"

Get Project Information

This API returns the details for a given project (identified by its projectId).

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}
Response samples
application/json
{
  "id": 0,
  "name": "string",
  "description": "string",
  "owner": "string",
  "dateCreated": "string",
  "scanPaths": [ ],
  "scanProfileName": "string",
  "policyProfileName": "string",
  "type": "string",
  "risk": "string",
  "projectVisibiity": "string",
  "legalContactName": "string",
  "securityContactName": "string",
  "devContactName": "string",
  "projectStatus": "string",
  "scanServerAlias": "string",
  "totalFiles": 0,
  "codebaseSize": "string",
  "numberOfLines": 0,
  "projectPath": "string",
  "childProjects": [ ],
  "parentProjects": [ ],
  "licenses": { },
  "vulnerabilities": { },
  "customFields": [ ],
  "deleteEmptyInventory": false
}

Update Project

Use this API to update attributes for a given project (identified by its projectId). Note the following:

  • The "owner" field refers to the project "contact".
  • To obtain Ids for custom fields in the project, use the Get Project Information API (projects/{projectId})
Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

Updates a project. autoPublish is required when markAssociatedFilesAsReviewed and doNotPublishInventoryUnknownLicense are part of a request.

name
string

name

description
string

description

folderName
string

folderName

policyProfileName
string

policyProfileName

scanProfileName
string

scanProfileName

autoPublish
boolean
Default: false

autoPublish

markAssociatedFilesAsReviewed
boolean
Default: false

markAssociatedFilesAsReviewed

owner
string

owner

risk
string (HIGH|MEDIUM|LOW)

risk

Enum: "HIGH" "MEDIUM" "LOW"
privateProject
boolean
Default: false

privateProject

deleteEmptyInventory
boolean
Default: false

deleteEmptyInventory

doNotPublishInventoryUnknownLicense
boolean
Default: false

doNotPublishInventoryUnknownLicense

folderId
integer <int32>
Array of objects (CustomFieldModel)

customFields

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/projects/{projectId}
Request samples
application/json
{
  "name": "eportal",
  "description": "description",
  "folderName": "Projects",
  "policyProfileName": "Default License Policy Profile",
  "scanProfileName": "Basic Scan Profile (Without CL)",
  "autoPublish": "true",
  "markAssociatedFilesAsReviewed": "true",
  "owner": "admin",
  "risk": "HIGH | default: MEDIUM",
  "privateProject": "false",
  "deleteEmptyInventory": "false",
  "doNotPublishInventoryUnknownLicense": "true",
  "folderId": "1",
  "customFields": [ ]
}

Delete a Project

Deleting a project will delete all project inventory, custom field values, corresponding notes and all code base files permanently from the server.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

delete/projects/{projectId}

Fetch All Scanned Files for a Project

This API retrieves a list of all codebase files that have been scanned in a given project (identified by its projectId). The list shows the following for each file:

  • Its path and ID and whether it contains evidence,
  • has been reviewed,
  • is associated with inventory, and
  • is remote (scanned by a scan agent plugin).
Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
query Parameters
includeMD5Hash
boolean
Default: false

If true, display MD5 of the files.

includeSHA1Hash
boolean
Default: false

If true, display SHA1 of the files.

offset
integer <int32>
Default: 1

Index of the page to start with.

Example: offset=1 | default: 1
limit
integer <int32>
Default: 25

Number of records to fetch.

Example: limit=25 | default: 25
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/allscannedfiles

Get All Child Projects

This API retrieves a list of all child projects for a given project (identified by its projectId). You can choose to show child projects recursively (that is, child projects of child projects). Note that the parentProject property will not be shown in the response.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
query Parameters
recursive
boolean
Default: false
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

404

Not Found

500

Internal Server Error

get/projects/{projectId}/childProjects
Response samples
application/json
{
  "id": 0,
  "name": "string",
  "childProject": [ ],
  "parentProject": [ ]
}

Add Child Projects to Parent Project

Add child projects to parent project.

Request
path Parameters
projectId
required
integer <int32>

ID of parent project.

Example: 1
query Parameters
childProjectIds
required
Array of integers <int32>

ID of child projects.

header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/children

Remove Child Projects from Parent Project

Remove child project from parent project.

Request
path Parameters
projectId
required
integer <int32>

ID of parent project.

Example: 1
query Parameters
childProjectIds
required
Array of integers <int32>

ID of child projects.

header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not found

500

Internal Server Error

delete/projects/{projectId}/children

Get Project Contact

Get project contact for the given projectId.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/contact
Response samples
application/json
{
  "contact": "admin"
}

Update Project Contact

Updates project contact for the given projectId.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

Updates a project contact.

contact
required
string

contact

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/projects/{projectId}/contact
Request samples
application/json
{
  "contact": "admin"
}

Fetch Evidences for a Project

This API retrieves the list of license, copyright, email, URL, and search-text matches and provides totals for the exact-file and source matches for each scanned file.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/evidences

Get ID of File or Folder

Returns the ID of a file and/or folder.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: 1
query Parameters
filePath
string

Path of File

Example: filePath=git.0/angular/packages/forms/package.json
folderPath
string

Path of Folder

Example: folderPath=git.0/angular/packages/forms
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/files
Response samples
application/json
{ }

Import Project Data

Imports project data for a given projectId. Only Project Owner and Analyst can import project data into a private project.

The Try It feature is not available for this API. This API can be tested using conventional REST API clients such as Postman or cURL.

When calling this API from a REST client, you need to run either of the curl commands.

Save the required attributes for project import in a JSON or text file and provide that file in the command. If you are using a text file, do not give it a .txt extension.

curl -H "Authorization:Bearer %jwt%" -F importFile=@"fileToImport.zip" -F projectImportModel=@"JsonFile.json Or textFile;type=application/json" http://localhost:8888/codeinsight/api/projects/%projectId%/import 

Alternatively, instead of providing a file, you can define the attributes for projectImportModel directly inside curly braces. Provide one of the following values for FileMatchingCriteria:

  • COMPLETE_FILEPATH
  • PARTIAL_FILEPATH
  • FILENAME
  • MD5
  • MD5_AND_FILENAME
  • MD5_AND_COMPLETE_FILEPATH
  • MD5_AND_PARTIAL_FILEPATH
Request
path Parameters
projectId
required
integer <int32>
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: multipart/form-data
object (InputStream)
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/import
Response samples
application/json
"string"

Get Inventory Summary of the Project

Get Project level inventory summary.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: 1
query Parameters
vulnerabilitySummary
boolean
Default: false

If false, hide vulnerability summary details.

cvssVersion
string

CVSS: This field is required only if vulnerabilitySummary is set to true.

Enum: "V2" "V3" "ANY"
Example: cvssVersion=E.g V2
published
string
Default: "PUBLISHED"
  • PUBLISHED: Only published inventory items are returned.
  • UNPUBLISHED: Only non-published inventory items are returned.
  • ALL: Return all inventory items.
Enum: "PUBLISHED" "UNPUBLISHED" "ALL"
Example: published=PUBLISHED
offset
integer <int32>
Default: 1

Index of the page to start with.

Example: offset=1 | default: 1
limit
integer <int32>
Default: 25

Number of records to fetch.

Example: limit=25 | default: 25
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/inventorySummary
Response samples
application/json
{
  "itemNumber": 0,
  "id": 0,
  "name": "string",
  "type": "string",
  "priority": "string",
  "createdBy": "string",
  "url": "string",
  "confidence": "HIGHEST",
  "componentId": "string",
  "componentName": "string",
  "componentVersionId": "string",
  "componentVersionName": "string",
  "reviewStatus": "string",
  "selectedLicenseId": "string",
  "selectedLicenseSPDXIdentifier": "string",
  "vulnerabilitySummary": [ ]
}

Get All Parent Projects

Get all parent projects. childProject property will not be shown in the response.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
query Parameters
recursive
boolean
Default: false
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

404

Not Found

500

Internal Server Error

get/projects/{projectId}/parentProjects
Response samples
application/json
{
  "id": 0,
  "name": "string",
  "childProject": [ ],
  "parentProject": [ ]
}

Download Report

Download reports (PROJECT, AUDIT, NOTICES, CUSTOM_REPORT) for a given projectId. For all reports, we need to provide the ID of the report. All project users - including Observer, Reviewer and Analyst - can download reports for private projects.

If a task is in progress, the response will be 202 and the status will be provided in the header, such as (ACTIVE, SCHEDULED).

The Try It feature is not available for this API. This API can be tested using conventional REST API clients such as Postman or cURL.

When calling this API from a REST client, you need to redirect output to a zip file as follows:

curl -X POST "http://HOST:PORT/codeinsight/api/projects/{projectId}/reports/{reportId}/download?taskId={taskId}" -H "accept: application/json" -H "Authorization: Bearer JWT_TOKEN" > report.zip
Request
path Parameters
projectId
required
integer <int32> \d+

ID of the project.

Example: 1
reportId
required
integer <int32> \d+

ID of the report that is to be generated or downloaded.

Example: 1
query Parameters
taskId
required
integer <int32>

ID of the report task that is to be downloaded.

Example: taskId=1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

202

Accepted

400

Bad request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/reports/{reportId}/download
Response samples
application/json
{ }
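
Redirecting curl output straight to report.zip (or export.zip for Export Project Data) also saves a 202 "in progress" reply or a 400 error body under a .zip name. The following added example, not Code Insight's own code, polls while the server answers 202 and keeps the body only if it is an intact ZIP; the function names and the scripted transport are hypothetical, and because the page does not name the header that carries the task status, headers are passed through unread.

```python
import io
import time
import urllib.error
import urllib.request
import zipfile


class ReportDownloadError(RuntimeError):
    """The server response is not a usable report archive."""


def download_url(base_url, project_id, report_id, task_id):
    # int() rejects anything that is not a plain integer before it reaches the URL.
    return (f"{base_url.rstrip('/')}/projects/{int(project_id)}/reports/"
            f"{int(report_id)}/download?taskId={int(task_id)}")


def urllib_send(token, method="GET"):
    """Return a send(url) callable backed by urllib.

    The endpoint listing on the page says GET while its curl sample uses
    -X POST, so the method is left configurable.
    """
    def send(url):
        req = urllib.request.Request(url, method=method, headers={
            "accept": "application/json",
            "Authorization": f"Bearer {token}",
        })
        try:
            with urllib.request.urlopen(req, timeout=60) as resp:
                return resp.status, dict(resp.headers), resp.read()
        except urllib.error.HTTPError as err:  # 4xx/5xx still carry a body
            return err.code, dict(err.headers), err.read()
    return send


def check_zip(body):
    """Return the member names if body is an intact ZIP, else raise."""
    if not zipfile.is_zipfile(io.BytesIO(body)):
        raise ReportDownloadError("200 response is not a ZIP archive")
    with zipfile.ZipFile(io.BytesIO(body)) as zf:
        corrupt = zf.testzip()  # CRC check of every member
        if corrupt is not None:
            raise ReportDownloadError(f"corrupt member: {corrupt}")
        return zf.namelist()


def fetch_report(send, url, attempts=30, delay=5.0, sleep=time.sleep):
    """Poll until the report is ready; return the verified ZIP bytes."""
    for _ in range(attempts):
        status, _headers, body = send(url)
        if status == 200:
            check_zip(body)
            return body
        if status != 202:  # 400/401/404/500: surface the error, write nothing
            raise ReportDownloadError(f"HTTP {status}: {body[:200]!r}")
        sleep(delay)       # 202: report task still in progress
    raise TimeoutError(f"report not ready after {attempts} attempts")


def constructed_zip():
    """Build a small ZIP in memory to stand in for a report (constructed)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.html", "<html>constructed sample</html>")
    return buf.getvalue()


def scripted_send(responses):
    """Offline stand-in for urllib_send: replays (status, headers, body)."""
    replies = iter(responses)
    return lambda url: next(replies)


if __name__ == "__main__":
    url = download_url("http://codeinsight.example.test:8888/codeinsight/api", 1, 1, 1)
    send = scripted_send([(202, {}, b""), (200, {}, constructed_zip())])
    data = fetch_report(send, url, delay=0)
    print(url, len(data), check_zip(data))
```
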

Generate Report

Generates reports (PROJECT, AUDIT, NOTICES, CUSTOM_REPORT) for a given projectId. For all reports, we need to provide the ID of the report. All project users - including Observer, Reviewer and Analyst - can generate reports for private projects.

Request
path Parameters
projectId
required
integer <int32> \d+

ID of the project.

Example: 1
reportId
required
integer <int32> \d+

ID of the report that is to be generated.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

The success response of the generate is a taskId which should be used during download. If the report type is Custom Report and enableProjectPicker is true, otherProjectId is required.

otherProjectId
integer <int32>

otherProjectId

object

options

Responses
200

OK

400

Bad request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/reports/{reportId}/generate
Request samples
application/json
{
  "otherProjectId": "1",
  "options": { }
}

Fetch All Scan Nodes (Alias) of a Project

Returns all the alias node information of a project.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/scanNodes

Project Status

After creating the project, the default status is Not Started and the status will be automatically updated to Analysis In Progress after scanning.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
query Parameters
status
required
string
Default: "Not Started"
Enum: "Not Started" "Analysis In Progress" "Analysis Completed" "Project Completed"
Example: status=Analysis In Progress
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/projects/{projectId}/status

Users

Get project users with respect to role.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
query Parameters
roleId
required
string
Default: "ANALYST"
Enum: "ANALYST" "REVIEWER" "OBSERVER" "PROJECT_ADMIN"
Example: roleId=ANALYST
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

404

Not Found

500

Internal Server Error

get/projects/{projectId}/users

Assign Role

Assign a user to a specific project role. Here ownerId refers to the contactId of the project.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

Add user(s) to a specific project role.

Accepted RoleId: PROJECT_ADMIN, ANALYST, REVIEWER, OBSERVER

ownerId
string

ownerId

securityContactId
string

securityContactId

developerContactId
string

developerContactId

legalContactId
string

legalContactId

object (usersRole)
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/users
Request samples
application/json
{
  "ownerId": "admin",
  "securityContactId": "admin",
  "developerContactId": "admin",
  "legalContactId": "admin",
  "userRoles": { }
}

Unassign Project Role

Remove user(s) from a specific project role.

Request
path Parameters
projectId
required
integer <int32>

ID of the project.

Example: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: Bearer JWT_TOKEN
Request Body schema: application/json

Remove user(s) from a specific project role.

Accepted RoleId: PROJECT_ADMIN, ANALYST, REVIEWER, OBSERVER

roleId
required
string

roleId

users
required
Array of strings

users

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

delete/projects/{projectId}/users
Request samples
application/json
{
  "roleId": "ANALYST",
  "users": [ ]
}