Project API

Export Project Data

Exports project data for a given projectId. Only Project Admin and Analyst can export project data from a project. "Try it out" is not available for this API; test it with a conventional REST API client such as Postman or cURL. When calling this API from a REST client, redirect the output to a zip file as follows:

curl -X GET "http://HOST:PORT/codeinsight/api/project/exportProjectData?projectId=PROJECT_ID" -H "accept: application/json" -H "Authorization: Bearer JWT_TOKEN" > export.zip

Request
query Parameters
projectId
required
integer <int32>

ID of the Project

Example: projectId=E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: No project named x

get/project/exportProjectData
Response samples
application/json
{ }

Get Project Id

Returns projectId for a given projectName.

Request
query Parameters
projectName
required
string

Name of the Project

Example: projectName=E.g. eportal
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: The project name entered was not found

get/project/id
Response samples
application/json
0
0

Get Project Inventory

Returns a list of inventory and inventory details for a given project; includes a flag for a short/long version. All project users including Observer, Reviewer and Analyst can view project inventory of private projects.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
skipVulnerabilities
boolean
Default: false

If true, hide vulnerability details in the response

published
string
Default: "true"

If true, then only published inventory items are returned; if false, then only not-published inventory items are returned

Example: published=E.g. true | default: true
vendor
string

CPE Vendor name

Example: vendor=E.g. gnu
product
string

CPE Product name

Example: product=E.g. zlib
size
integer <int32>
Default: 100

Page Size. Number Of Records to fetch per page

Example: size=E.g. 1 | default: 100
page
integer <int32>
Default: 1

Page Number. Index of the page to start with (starts from 1)

Example: page=E.g. 1 | default: 1
reviewStatus
string

Returns only items with the selected reviewStatus. For example, if reviewStatus is APPROVED, only APPROVED items are returned

Enum: "READY_TO_REVIEW" "DRAFT" "APPROVED" "REJECTED"
Example: reviewStatus=APPROVED
alerts
string

Returns items based on the selected alert status. If the selected alert status is OPEN, only open alerts are returned

Enum: "OPEN" "CLOSED" "ANY"
Example: alerts=OPEN
includeFiles
boolean
Default: true

If true, display the files associated with an inventory item (default is true)

Example: includeFiles=E.g. false/true
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: The project Id entered was not found

get/project/inventory/{projectId}
Response samples
application/json
{
  "name": "git",
  "priority": { },
  "id": "1",
  "owner": "antlr",
  "description": "Description",
  "license": { },
  "fileCount": "2000",
  "projectId": "1",
  "status": "UNUSED0",
  "provenanceId": 0,
  "updateDate": "2017-10-24 13:04:26.0",
  "createDate": "2017-09-11 12:13:09.0",
  "workflowURL": "string",
  "inventoryDockerLayers": [ ],
  "associatedComponent": { },
  "vulnerabilityAlerts": [ ],
  "associatedLicense": { },
  "openVulnerabilityAlerts": [ ],
  "associatedComponentVersion": { },
  "closedVulnerabilityAlerts": [ ],
  "confidence": "1",
  "disclosed": "True",
  "inventoryType": "WORK_IN_PROGRESS",
  "published": "True",
  "partOfProduct": "Unknown",
  "linking": "Unknown",
  "modified": "Unknown",
  "distributed": "Unknown",
  "encrypted": "Unknown",
  "priorityId": 0,
  "noticeText": "Notice text",
  "usageText": "usage",
  "parentGroupId": 0,
  "autoStatus": "DRAFT",
  "publishedDate": "2017-10-24 13:04:26.0",
  "links": [ ],
  "rejectedByUpdate": false,
  "autoDetectionNotes": "Note",
  "userUpdatedStatus": "string",
  "systemGenerated": "True",
  "statusPolicyId": 0,
  "repositoryItem": { },
  "asFoundLicenseText": "Sample from file LICENSE.txt in file ePortal-2.0",
  "dependencyScope": "string",
  "auditorReviewNotes": "good to go",
  "remediationNotes": "update this immediately"
}

Get Project Inventory by Date

Returns a list of inventory and relevant details for a given project within the given date and time. All project users including Observer, Reviewer and Analyst can view project inventory of private/public projects.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
startTime
string

Start time for an inventory

Example: startTime=Format: YYYY-MM-DD HH:MM:SS
endTime
string

End time for an inventory

Example: endTime=Format: YYYY-MM-DD HH:MM:SS
size
integer <int32>
Default: 100

Page Size. Number Of Records to fetch per page

Example: size=E.g. 1 | default: 100
page
integer <int32>
Default: 1

Page Number. Index of the page to start with (starts from 1)

Example: page=E.g. 1 | default: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad request: The project Id entered was not found

get/project/inventoryLite/{projectId}

Get Scan Status

Returns a scan status for a given taskId which is obtained from /projectScan/{projectId}

Request
path Parameters
taskId
required
integer <int32>

ID of the project scan task

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

SCHEDULED | ACTIVE | TERMINATED | FAILED | COMPLETED

400

Bad request: The task Id entered was not found

get/project/scanStatus/{taskId}
Response samples
application/json
"NEW"

Upload Project Files.

Uploads and extracts a codebase zip file for a project. The maximum supported file size is 10GB. Upload only files with the extensions zip, tar, tar.gz and 7z. Do not upload a .gz file directly without first archiving it in a tar file; the upload result may be wrong if a compressed file is uploaded directly without being archived. Only Project Admin and Analyst can upload a project codebase to a project.
"Try it out" is not available for this API; test it with a conventional REST API client such as Postman or cURL. When calling this API from a REST client, run curl as follows:

curl -X POST "http://HOST:PORT/codeinsight/api/project/uploadProjectCodebase?projectId=PROJECT_ID&deleteExistingFileOnServer=true&expansionLevel=1" -H "accept: application/json" -H "Authorization: Bearer JWT_TOKEN" -H "content-type: application/octet-stream" --data-binary "@path/filename.zip"

Request
query Parameters
projectId
required
integer <int32>

ID of the Project

Example: projectId=E.g. 1
deleteExistingFileOnServer
boolean
Default: false

Delete existing files on the server. By deleting existing files on the server, all existing project codebase files will be permanently removed from the scan server. If you rescan the project without replacing these files via a new upload, the scan results for the removed files will be permanently deleted.

expansionLevel
integer <int32>

Codebase expansion level for the project. 1: None | 2: First level | 3: Recursive level. If the expansionLevel parameter is not provided, the codebase will get extracted as 'None' by default.

Example: expansionLevel=E.g. 1,2,3 | default: 1
deleteArchiveAfterExpand
boolean
Default: false

Delete inner archives after expansion

archiveDirSuffix
string

Suffix to be added to the expanded folder. Value cannot be more than 20 characters and cannot contain the following special characters \ / : * ? " < > | \0

Example: archiveDirSuffix=Eg : _Expanded
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/octet-stream
required

Zipped codebase to scan

object (InputStream)
Responses
200

OK

400

Bad Request

500

Internal Server Error

503

Service Unavailable

post/project/uploadProjectCodebase
Response samples
application/json
"string"
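
A client-side pre-flight check for the upload constraints listed above (allowed extensions, no bare .gz, the 10GB limit, expansionLevel values, archiveDirSuffix rules). This is an added example, not code from the product; the function names are hypothetical and "10GB" is read as decimal gigabytes, which is an assumption.

```python
import os
from urllib.parse import urlencode

# Limits taken from the endpoint description above.
MAX_UPLOAD_BYTES = 10 * 1000**3   # "10GB" read as decimal gigabytes (assumption)
ALLOWED_SUFFIXES = (".zip", ".tar", ".tar.gz", ".7z")
FORBIDDEN_SUFFIX_CHARS = set('\\/:*?"<>|\0')
EXPANSION_LEVELS = {1: "None", 2: "First level", 3: "Recursive level"}


def check_archive_name(filename):
    """Return a list of problems with the archive name (empty list = acceptable)."""
    name = os.path.basename(filename).lower()
    if name.endswith(ALLOWED_SUFFIXES):
        return []
    if name.endswith(".gz"):
        return ["bare .gz file: wrap it in a tar archive before uploading"]
    return ["extension must be one of zip, tar, tar.gz, 7z"]


def check_archive_dir_suffix(suffix):
    """Return a list of problems with archiveDirSuffix (empty list = acceptable)."""
    problems = []
    if len(suffix) > 20:
        problems.append("archiveDirSuffix is longer than 20 characters")
    bad = sorted(FORBIDDEN_SUFFIX_CHARS.intersection(suffix))
    if bad:
        problems.append("archiveDirSuffix contains forbidden characters: %r" % bad)
    return problems


def build_upload_url(base_url, project_id, filename, size_bytes,
                     expansion_level=1, archive_dir_suffix=None,
                     delete_existing=False):
    """Validate the parameters and return the request URL, or raise ValueError.

    delete_existing defaults to False, like the API; True permanently removes
    the codebase files already on the scan server.
    """
    problems = check_archive_name(filename)
    if size_bytes > MAX_UPLOAD_BYTES:
        problems.append("file exceeds the 10GB upload limit")
    if expansion_level not in EXPANSION_LEVELS:
        problems.append("expansionLevel must be 1, 2 or 3")
    query = {
        "projectId": int(project_id),
        "deleteExistingFileOnServer": str(bool(delete_existing)).lower(),
        "expansionLevel": expansion_level,
    }
    if archive_dir_suffix is not None:
        problems += check_archive_dir_suffix(archive_dir_suffix)
        query["archiveDirSuffix"] = archive_dir_suffix
    if problems:
        raise ValueError("; ".join(problems))
    # The JWT is sent in the Authorization header, never in the URL.
    return "%s/codeinsight/api/project/uploadProjectCodebase?%s" % (
        base_url.rstrip("/"), urlencode(query))
```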

Get Projects

Get All The Projects

Request
query Parameters
offset
integer <int32>
Default: 1

Index of the page to start with

Example: offset=E.g. 1 | default: 1
limit
integer <int32>
Default: 25

Number Of Records to fetch

Example: limit=E.g. 25 | default: 25
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/projects

Create Project

Creates a project for the given input, updates project custom field values and returns projectId with success message.

Request
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

To create a project the projectName field is required and other fields are optional. If the optional fields are left blank, the 'Project Default' values are applied for them. Note: For 'folderName', passing entire folder path like 'folder1/folder2' is not supported.

name
required
string

name

description
string

description

folderName
string

folderName

policyProfileName
string

policyProfileName

scanProfileName
string

scanProfileName

autoPublish
boolean
Default: false

autoPublish

markAssociatedFilesAsReviewed
boolean
Default: false

markAssociatedFilesAsReviewed

owner
string

owner

risk
string HIGH|MEDIUM|LOW

risk

Enum: "HIGH" "MEDIUM" "LOW"
privateProject
boolean
Default: false

privateProject

scanServerAlias
string

scanServerAlias

deleteEmptyInventory
boolean
Default: false

deleteEmptyInventory

doNotPublishInventoryUnknownLicense
boolean
Default: false

doNotPublishInventoryUnknownLicense

folderId
integer <int32>
expandJarArchives
boolean
Default: false

expandJarArchives

Array of objects (CustomFieldModel)

customFields

Responses
201

Created

400

Bad Request

401

Unauthorized

500

Internal Server Error

post/projects
Request samples
application/json
{
  "name": "eportal",
  "description": "description",
  "folderName": "Projects",
  "policyProfileName": "Default License Policy Profile",
  "scanProfileName": "Basic Scan Profile (Without CL)",
  "autoPublish": "true",
  "markAssociatedFilesAsReviewed": "true",
  "owner": "admin",
  "risk": "HIGH | default: MEDIUM",
  "privateProject": "false",
  "scanServerAlias": "null",
  "deleteEmptyInventory": "false",
  "doNotPublishInventoryUnknownLicense": "true",
  "folderId": "1",
  "expandJarArchives": "false",
  "customFields": [ ]
}

Upload Report.

Uploads and extracts a report zip file for a project.

curl -H "Authorization: Bearer %jwt%" --form projectId=%projectId% --form reportId=%reportId% --form file=@"pdf_reports.zip" http://localhost:8888/codeinsight/api/projects/uploadReport

Request
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/uploadReport
Response samples
application/json
"string"

Get Project Information

Get Project Information By Id

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}
Response samples
application/json
{
  "id": 0,
  "name": "string",
  "description": "string",
  "owner": "string",
  "dateCreated": "string",
  "scanPaths": [ ],
  "scanProfileName": "string",
  "policyProfileName": "string",
  "type": "string",
  "risk": "string",
  "projectVisibiity": "string",
  "legalContactName": "string",
  "securityContactName": "string",
  "devContactName": "string",
  "projectStatus": "string",
  "scanServerAlias": "string",
  "totalFiles": 0,
  "codebaseSize": "string",
  "numberOfLines": 0,
  "projectPath": "string",
  "childProjects": [ ],
  "parentProjects": [ ],
  "licenses": { },
  "vulnerabilities": { },
  "customFields": [ ],
  "deleteEmptyInventory": false,
  "expandJarArchives": false
}

Update Project

Updates a project and its custom field values for the given projectId. Here the "owner" field refers to the "contact" of the project.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

Updates a project. autoPublish is required when markAssociatedFilesAsReviewed and doNotPublishInventoryUnknownLicense are part of the request.

name
string

name

description
string

description

folderName
string

folderName

policyProfileName
string

policyProfileName

scanProfileName
string

scanProfileName

autoPublish
boolean
Default: false

autoPublish

markAssociatedFilesAsReviewed
boolean
Default: false

markAssociatedFilesAsReviewed

owner
string

owner

risk
string HIGH|MEDIUM|LOW

risk

Enum: "HIGH" "MEDIUM" "LOW"
privateProject
boolean
Default: false

privateProject

deleteEmptyInventory
boolean
Default: false

deleteEmptyInventory

doNotPublishInventoryUnknownLicense
boolean
Default: false

doNotPublishInventoryUnknownLicense

folderId
integer <int32>
expandJarArchives
boolean
Default: false

expandJarArchives

Array of objects (CustomFieldModel)

customFields

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/projects/{projectId}
Request samples
application/json
{
  "name": "eportal",
  "description": "description",
  "folderName": "Projects",
  "policyProfileName": "Default License Policy Profile",
  "scanProfileName": "Basic Scan Profile (Without CL)",
  "autoPublish": "true",
  "markAssociatedFilesAsReviewed": "true",
  "owner": "admin",
  "risk": "HIGH | default: MEDIUM",
  "privateProject": "false",
  "deleteEmptyInventory": "false",
  "doNotPublishInventoryUnknownLicense": "true",
  "folderId": "1",
  "expandJarArchives": "false",
  "customFields": [ ]
}

Delete a project. The deletion operation will be added to a queue. To get the status of the project deletion, use the jobs/{jobId} API.

Deleting a project will delete all project inventory, custom field values, corresponding notes and all code base files permanently from the server.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
202

Accepted

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

delete/projects/{projectId}

Fetch all scanned files for a project

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
includeMD5Hash
boolean
Default: false

if true, display MD5 of the files

includeSHA1Hash
boolean
Default: false

if true, display SHA1 of the files

offset
integer <int32>
Default: 1

Index of the page to start with

Example: offset=E.g. 1 | default: 1
limit
integer <int32>
Default: 25

Number Of Records to fetch

Example: limit=E.g. 25 | default: 25
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/allscannedfiles

Get all child projects

Get all child projects. parentProject property will not be shown in the response.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
recursive
boolean
Default: false
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

404

Not Found

500

Internal Server Error

get/projects/{projectId}/childProjects
Response samples
application/json
{
  "id": 0,
  "name": "string",
  "childProject": [ ],
  "parentProject": [ ]
}

Add child projects to parent project

Add child projects to parent project.

Request
path Parameters
projectId
required
integer <int32>

Id of Parent Project

Example: E.g. 1
query Parameters
childProjectIds
required
Array of integers <int32>

Id of Child Projects

header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/children

Remove child Projects from parent project

Remove child project from parent project

Request
path Parameters
projectId
required
integer <int32>

Id of Parent Project

Example: E.g. 1
query Parameters
childProjectIds
required
Array of integers <int32>

Id of Child Projects

header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not found

500

Internal Server Error

delete/projects/{projectId}/children

Get Project Contact

Get project contact for the given projectId.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/contact
Response samples
application/json
{
  "contact": "admin"
}

Update Project Contact

Updates project contact for the given projectId.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

Updates a project contact

contact
required
string

contact

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/projects/{projectId}/contact
Request samples
application/json
{
  "contact": "admin"
}

Fetch Evidences for a project

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/evidences

Get Id of file or folder

Returns the ID of file and/or folder

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
filePath
string

Path of File

Example: filePath=git.0/angular/packages/forms/package.json
folderPath
string

Path of Folder

Example: folderPath=git.0/angular/packages/forms
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/files
Response samples
application/json
{ }

Import Project Data

Imports project data for a given projectId. Only Project Owner and Analyst can import project data into a private project. "Try it out" is not available for this API; test it with a conventional REST API client such as Postman or cURL. When calling this API from a REST client, you need to run either of the curl commands. Save the required attributes for the project import in a JSON or text file and provide that file in the command. If you are using a text file, do not give it a .txt extension.

curl -H "Authorization:Bearer %jwt%" -F importFile=@"fileToImport.zip" -F projectImportModel=@"JsonFile.json Or textFile;type=application/json" http://localhost:8888/codeinsight/api/projects/%projectId%/import

Alternatively, instead of providing a file, you can define the attributes for projectImportModel directly inside curly braces. For 'FileMatchingCriteria', provide one of the following values: COMPLETE_FILEPATH|PARTIAL_FILEPATH|FILENAME|MD5|MD5_AND_FILENAME|MD5_AND_COMPLETE_FILEPATH|MD5_AND_PARTIAL_FILEPATH

Request
path Parameters
projectId
required
integer <int32>
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: multipart/form-data
object (InputStream)
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/import
Response samples
application/json
"string"

Get project inventories for the given scan-agent or scan-server alias

Returns all inventories of the project associated with the given scan-agent or scan-server alias

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
alias
required
string

Alias of scan-server or scan-agent

Example: E.g. generic-plugin-test
query Parameters
limit
integer <int32>
Default: 25

Page Size. Number Of Records to fetch per page

Example: limit=E.g. 1 | default: 25
offset
integer <int32>
Default: 1

Page Number. Index of the page to start with (starts from 1)

Example: offset=E.g. 1 | default: 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

409

Conflict

500

Internal Server Error

get/projects/{projectId}/inventories/{alias}

Get Inventory Summary of the project

Get Project level inventory summary

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
vulnerabilitySummary
boolean
Default: false

If false, hide vulnerability summary details

cvssVersion
string

CVSS: This field is required only if vulnerabilitySummary is set to true

Enum: "V2" "V3" "ANY"
Example: cvssVersion=E.g V2
published
string
Default: "PUBLISHED"

If published, then only published inventory items are returned; if unpublished, then only not-published inventory items are returned; if all, then return all inventories

Enum: "PUBLISHED" "UNPUBLISHED" "ALL"
Example: published=E.g PUBLISHED
offset
integer <int32>
Default: 1

Index of the page to start with

Example: offset=E.g. 1 | default: 1
limit
integer <int32>
Default: 25

Number Of Records to fetch

Example: limit=E.g. 25 | default: 25
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/inventorySummary
Response samples
application/json
{
  "itemNumber": 0,
  "id": 0,
  "name": "string",
  "type": "string",
  "priority": "string",
  "createdBy": "string",
  "url": "string",
  "purl": "string",
  "confidence": "HIGHEST",
  "dependencyScope": "string",
  "componentId": "string",
  "componentName": "string",
  "componentVersionId": "string",
  "componentVersionName": "string",
  "reviewStatus": "string",
  "selectedLicenseId": "string",
  "selectedLicenseSPDXIdentifier": "string",
  "vulnerabilitySummary": [ ]
}

Get all parent projects

Get all parent projects. childProject property will not be shown in the response.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
recursive
boolean
Default: false
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

404

Not Found

500

Internal Server Error

get/projects/{projectId}/parentProjects
Response samples
application/json
{
  "id": 0,
  "name": "string",
  "childProject": [ ],
  "parentProject": [ ]
}

Download Report

Downloads reports (PROJECT, AUDIT, NOTICES, CUSTOM_REPORT) for a given projectId. For ALL reports, the id of the report must be provided. All project users including Observer, Reviewer and Analyst can download reports for private projects. If a task is in progress, the response will be 202 and the status will be provided in the header (e.g. ACTIVE, SCHEDULED). "Try it out" is not available for this API; test it with a conventional REST API client such as Postman or cURL. When calling this API from a REST client, redirect the output to a zip file as follows:

curl -X GET "http://HOST:PORT/codeinsight/api/projects/{projectId}/reports/{reportId}/download?taskId={taskId}" -H "accept: application/json" -H "Authorization: Bearer JWT_TOKEN" > report.zip

Request
path Parameters
projectId
required
integer <int32> \d+

ID of the Project

Example: E.g. 1
reportId
required
integer <int32> \d+

ID of the Report that is to be generated or downloaded

Example: E.g. 1
query Parameters
taskId
required
integer <int32>

ID of the Report Task that is to be downloaded

Example: taskId=E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

202

Accepted

400

Bad request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/reports/{reportId}/download
Response samples
application/json
{ }
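
The download behaviour described above (202 while the report task is still running, 200 with the zip when it is done), as an added example that is not code from the product. It polls with a taskId obtained from Generate Report and checks the status code and the zip structure before returning the body, because a plain `curl ... > report.zip` also writes 202 and error bodies into the file. The `fetch` transport and all function names are hypothetical, and the sample responses are constructed.

```python
import io
import zipfile


def download_report(fetch, base_url, project_id, report_id, task_id, token,
                    max_polls=30, wait=lambda: None):
    """Poll the download endpoint until the report is ready; return the zip bytes.

    fetch(url, headers) -> (status, headers, body) is an injected transport
    (hypothetical), so the logic can be exercised without a server. Pass
    wait=lambda: time.sleep(5) or similar when talking to a real instance.
    """
    url = "%s/codeinsight/api/projects/%d/reports/%d/download?taskId=%d" % (
        base_url.rstrip("/"), project_id, report_id, task_id)
    headers = {"accept": "application/json", "Authorization": "Bearer " + token}
    for _ in range(max_polls):
        status, _resp_headers, body = fetch(url, headers)
        if status == 202:
            # Task still in progress (e.g. ACTIVE, SCHEDULED): try again later.
            wait()
            continue
        if status != 200:
            # 400/401/404/500: the body is an error message, not a report.
            raise RuntimeError("download failed with HTTP %d" % status)
        if not zipfile.is_zipfile(io.BytesIO(body)):
            raise RuntimeError("HTTP 200 but the body is not a zip archive")
        return body
    raise TimeoutError("report task %d not finished after %d polls"
                       % (task_id, max_polls))


def sample_zip():
    """Constructed stand-in for a report archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "constructed sample report")
    return buf.getvalue()


def make_fake_fetch(responses):
    """Return a fetch() that replays constructed responses and records calls."""
    calls = []
    queue = list(responses)

    def fetch(url, headers):
        calls.append((url, dict(headers)))
        return queue.pop(0)

    return fetch, calls


def demo():
    """Two 202 responses, then the archive; returns the member names."""
    fetch, _calls = make_fake_fetch(
        [(202, {}, b""), (202, {}, b""), (200, {}, sample_zip())])
    body = download_report(fetch, "http://HOST:PORT", 1, 2, 3, "JWT_TOKEN")
    return zipfile.ZipFile(io.BytesIO(body)).namelist()
```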

Generate Report

Generates Reports (PROJECT, AUDIT, NOTICES, CUSTOM_REPORT) for a given projectId. For ALL Reports we need to provide the id of the report. All project users including Observer, Reviewer and Analyst can generate reports for private projects.

Request
path Parameters
projectId
required
integer <int32> \d+

ID of the Project

Example: E.g. 1
reportId
required
integer <int32> \d+

ID of the Report that is to be generated

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json

The success response of the generate call is a taskId, which should be used during download. If the report type is custom report and enableProjectPicker is true, otherProjectId is required.

otherProjectId
integer <int32>

otherProjectId

object

options

Responses
200

OK

400

Bad request

401

Unauthorized

404

Not Found

500

Internal Server Error

503

Service Unavailable

post/projects/{projectId}/reports/{reportId}/generate
Request samples
application/json
{
  "otherProjectId": "1",
  "options": { }
}

Fetch all scan nodes (alias) of a project

Returns all the alias node information of a project

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/projects/{projectId}/scanNodes

Project status

Updates the project status. After creating the project, the default status is 'Not Started' and the status will be automatically updated to 'Analysis In Progress' after scanning.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
status
required
string
Default: "Not Started"
Enum: "Not Started" "Analysis In Progress" "Analysis Completed" "Project Completed"
Example: status=Analysis In Progress
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

put/projects/{projectId}/status

Users

Get Project Users with respect to Role

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
query Parameters
roleId
required
string
Default: "ANALYST"
Enum: "ANALYST" "REVIEWER" "OBSERVER" "PROJECT_ADMIN"
Example: roleId=E.g. ANALYST
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

404

Not Found

500

Internal Server Error

get/projects/{projectId}/users

Assign Role

Assigns users to a specific Project Role. Here "ownerId" refers to the "contactId" of the project.

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

Add users to a specific Project Role. Accepted RoleId: PROJECT_ADMIN, ANALYST, REVIEWER, OBSERVER

ownerId
string

ownerId

securityContactId
string

securityContactId

developerContactId
string

developerContactId

legalContactId
string

legalContactId

object (usersRole)
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/projects/{projectId}/users
Request samples
application/json
{
  "ownerId": "admin",
  "securityContactId": "admin",
  "developerContactId": "admin",
  "legalContactId": "admin",
  "userRoles": { }
}

Unassign Project Role

Remove User(s) from a specific Project Role

Request
path Parameters
projectId
required
integer <int32>

ID of the Project

Example: E.g. 1
header Parameters
Authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

Remove User(s) from a specific Project Role. Accepted RoleId: PROJECT_ADMIN, ANALYST, REVIEWER, OBSERVER

roleId
required
string

roleId

users
required
Array of strings

users

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

delete/projects/{projectId}/users
Request samples
application/json
{
  "roleId": "ANALYST",
  "users": [ ]
}