Skip to content

Code Insight REST API Documentation (v1)

The Code Insight REST APIs provide a standardized interface for interacting with the application.

An authorization JWT token must be included in the HTTP Authorization header using the Bearer schema. The token can be obtained from the Code Insight Web UI under the Preferences menu. To set the token, click the Authorize button below on the right, enter the JWT token in the Value field, then click Authorize and close the dialog. Once authorized, the token will be automatically included in the HTTP Authorization header for all API requests made through the Swagger UI.

Note: If accessing the REST APIs through external tools such as curl or Postman, include the token manually in the HTTP header using the following format: Authorization: Bearer JWT_TOKEN. "Bearer" must precede the actual JWT token value.

Download OpenAPI description
swagger.json
swagger.yaml
Languages
Servers
Mock server
https://codeinsightapi.redocly.app/_mock/swagger
Code Insight REST API Server
https://codeinsightapi.redocly.app/codeinsight/api

Email Templates

Internal API for fetching custom email templates and images from core server

Operations

CodebaseFolder

Operations

Deprecated APIs

Operations

Component

Operations

Component Search

Request

Search for the components based on the given input and return list of components which includes registered,popular and unpopular.Response will not include vulnerabilities and licenses of the version

Security
bearerAuth
Query
searchBystringNAME|URL|CPE|FORGErequired

Search Type. default is NAME.

Default "NAME"
Enum"NAME""URL""CPE""FORGE"
filterstring

Search Filter. This is required for searchBy NAME, default is ALL_TERMS.

Enum"ALL_TERMS""ANY_TERM""BEGINS_WITH""EXACT_MATCH"
searchTermstring

Any Keyword. This is required for searchBy NAME/URL and optional for CPE. For searchBy CPE, the supplied searchTerm E.g."apache commons" would perform exact match against the component.

includeVersionsboolean

If true , response will include versions as well.

Default false
vendorstring

Vendor name (Example: gnu)

productstring

Product name (Example: zlib)

forgeNamestringSourceForge|Apache|MySQL AB|Java.net|GNU|Free...

Forge Name. is required for searchBy FORGE and optional for NAME/URL/CPE

Enum"SourceForge""Apache""MySQL AB""Java.net""GNU""Free Software Directory""CodePlex""Savannah""Google Code""Hackage"
projectNamestring

Required param for forges: SourceForge|Apache|MySQL AB|Java.net|GNU|Free Software Directory|CodePlex|Savannah|Google Code|GitLab (Example: apache-batik)

packageNamestring

Required param for forges: Hackage|NuGet Gallery|npm|PyPI|Packagist|CentOS Project (Example: newtonsoft.json)

groupIdstring

Required param for forges: Google's Maven Repository|Clojars|Ibiblio Maven2 (Example: com.google.firebase)

artifactIdstring

Required param for forges: Google's Maven Repository|Clojars|Ibiblio Maven2 (Example: firebase-abt)

moduleOrDistributionNamestring

Required param for forge: CPAN (Example: exporter-tidy)

packageOrDistributionNamestring

Required param for forge: CRAN | Fedora Koji (Example: acid)

authorstring

Required param for forge: GitHub | GitLab (It accepts Author/Org value (Example: jquery)

repositoryNamestring

Required param for forge: GitHub (Example: jquery-ui)

vendorNamestring

Required param for forge: Packagist (Example: 100hz)

gemNamestring

Required param for forge: RubyGems (Example: x-editable-rails)

cratestring

Required param for forge: crates.io (Example: brewstillery)

limitinteger(int32)>= 1

Page Size. Number Of Records to fetch per page

Default 100
offsetinteger(int32)>= 1

Page Number. Index of the page to start with(starts from 1)

Default 1
curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/components/search?searchBy=NAME&filter=ALL_TERMS&searchTerm=string&includeVersions=false&vendor=string&product=string&forgeName=SourceForge&projectName=string&packageName=string&groupId=string&artifactId=string&moduleOrDistributionName=string&packageOrDistributionName=string&author=string&repositoryName=string&vendorName=string&gemName=string&crate=string&limit=100&offset=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Bodyapplication/json
idinteger(int64)
namestring
descriptionstring
titlestring
urlstring
forgestring
versionListArray of objects(VersionListModel)
licenseListArray of objects(LicenseListModel)
cpeListArray of objects(ComponentCPEModel)
Response
application/json
{
  "id": 0,
  "name": "string",
  "description": "string",
  "title": "string",
  "url": "string",
  "forge": "string",
  "versionList": [
    {}
  ],
  "licenseList": [
    {}
  ],
  "cpeList": [
    {}
  ]
}

Create a component custom version

Request

Create a component custom version

Security
bearerAuth
Path
componentIdinteger(int64)>= 1required

ID of the Component

Example: 1
Bodyapplication/jsonrequired
namestring

name

vulnerabilitySummaryArray of objects
curl -i -X POST \
  https://codeinsightapi.redocly.app/_mock/swagger/components/1/versions \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "string",
    "vulnerabilitySummary": [
      {
        "property1": {
          "property1": 0,
          "property2": 0
        },
        "property2": {
          "property1": 0,
          "property2": 0
        }
      }
    ]
  }'

Responses

Created

Create a custom component

Request

Creates a custom component

Security
bearerAuth
Bodyapplication/jsonrequired

To create a custom component the name, title and url field is required.
Only users with the “library_manager” permission can create a custom component.
Allowable values of forgeId(Optional) are
1 : Other(This will be used as default when none is supplied) | 2 : SourceForge | 3 : Apache | 5 : MySQL AB | 11 : kernel.org | 53 : Mozilla | 78 : Java.net | 87 : GNU | 175 : Free Software Directory | 176 : CodePlex | 186 : Savannah | 248 : CPAN | 419 : Google Code | 628 : Ibiblio Maven2 | 696 : GitHub | 2033 : NuGet Gallery | 2037 : npm |2039 : RubyGems | 2040 : CentOS Project | 2067 : PyPI | 2070 : Packagist | 2073 : Google's Maven Repository | 2076 : crates.io

namestring[ 0 .. 127 ] characters^[a-zA-Z0-9\.\_\-]+$required

name

Example: "Comp1"
titlestring[ 0 .. 255 ] charactersrequired

title

Example: "Component1"
urlstring[ 0 .. 2400 ] characters(NA|^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=...required

url

Example: "http://abc@xyz.com | NA"
descriptionstring[ 0 .. 65535 ] characters

description

Example: "This is a custom component."
encryptionstringYES|NO

encryption

Enum"YES""NO"
Example: "E.g. YES | default: NO"
forgeIdinteger(int32)>= 1

forgeId

purlstring[ 0 .. 2400 ] characters(^$|^pkg:[a-zA-Z0-9\+\-\.]+\/.*)

purl

Example: "pkg:maven/org.apache/commons-lang3"
curl -i -X POST \
  https://codeinsightapi.redocly.app/_mock/swagger/components \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Comp1",
    "title": "Component1",
    "url": "http://abc@xyz.com | NA",
    "description": "This is a custom component.",
    "encryption": "E.g. YES | default: NO",
    "forgeId": 1,
    "purl": "pkg:maven/org.apache/commons-lang3"
  }'

Responses

Created

Delete a component custom version

Request

Delete a custom version using the component ID and version ID. All existing inventory that uses this version will have its version changed to Unknown. You must have the Library Manager permission to delete a custom version.

Security
bearerAuth
Path
componentIdinteger(int64)required

ID of the component

Example: 1
idinteger(int64)>= 1required

ID of the component version

Example: 1
curl -i -X DELETE \
  https://codeinsightapi.redocly.app/_mock/swagger/components/1/versions/1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Deleted

Delete a custom component

Request

Delete a custom component using the component ID. All existing inventory that uses this component will be changed to work in progress. You must have the Library Manager permission to delete a custom component.

Security
bearerAuth
Path
idinteger(int64)required

ID of the component

Example: 1
curl -i -X DELETE \
  https://codeinsightapi.redocly.app/_mock/swagger/components/1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Deleted

Get Component

Request

Get Component by id.

Security
bearerAuth
Path
componentIdinteger(int64)required

ID of the Component

Example: 1
Query
includeVersionsboolean

If true, display version details(Default is true)

Default true
vulnerabilitySummaryboolean

If true , display vulnerability summary details and hide vulnerability list

Default false
cvssVersionstring

CVSS Version : This field is required only if vulnerabilitySummary is set to true

Enum"V2""V3""ANY"
curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/components/1?includeVersions=true&vulnerabilitySummary=false&cvssVersion=V2' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Bodyapplication/json
namestring[ 0 .. 127 ] characters^[a-zA-Z0-9\.\_\-]+$required

name

Example: "Comp1"
titlestring[ 0 .. 255 ] charactersrequired

title

Example: "Component1"
urlstring[ 0 .. 2400 ] characters(NA|^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=...required

url

Example: "http://abc@xyz.com | NA"
descriptionstring[ 0 .. 65535 ] characters

description

Example: "This is a custom component."
encryptionstringYES|NO

encryption

Enum"YES""NO"
Example: "E.g. YES | default: NO"
forgeIdinteger(int32)>= 1

forgeId

purlstring[ 0 .. 2400 ] characters(^$|^pkg:[a-zA-Z0-9\+\-\.]+\/.*)

purl

Example: "pkg:maven/org.apache/commons-lang3"
idinteger(int64)
forgestring
versionListArray of objects(VersionModel)
licenseListArray of objects(ComponentLicenseModel)
componentCPEListArray of objects(ComponentCPEModel)
createdBystring
createdOnstring
updatedBystring
updatedOnstring
Response
application/json
{
  "name": "Comp1",
  "title": "Component1",
  "url": "http://abc@xyz.com | NA",
  "description": "This is a custom component.",
  "encryption": "E.g. YES | default: NO",
  "forgeId": 1,
  "purl": "pkg:maven/org.apache/commons-lang3",
  "id": 0,
  "forge": "string",
  "versionList": [
    {}
  ],
  "licenseList": [
    {}
  ],
  "componentCPEList": [
    {}
  ],
  "createdBy": "string",
  "createdOn": "string",
  "updatedBy": "string",
  "updatedOn": "string"
}

Get Component version details

Request

Get Component version details

Security
bearerAuth
Path
idinteger(int64)required

ID of the component version

Example: 1
curl -i -X GET \
  https://codeinsightapi.redocly.app/_mock/swagger/components/versions/1 \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Get Component version vulnerabilities

Request

Get vulnerability details of a component version

Security
bearerAuth
Path
versionIdinteger(int64)required

ID of the component version

Example: 1
Query
limitinteger(int64)>= 1

Page Size. Number Of Records to fetch per page

Default 25
offsetinteger(int64)>= 1

Page Number. Index of the page to start with(starts from 1)

Default 1
curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/components/1/vulnerabilities?limit=25&offset=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Component LookupDeprecated

Request

This API is Deprecated and new API is codeinsight/api/components/search

Security
bearerAuth
Query
keywordstringrequired

Any Keyword (Example: GNU)

sizeinteger(int64)

Page Size

Default 100
pageinteger(int64)

Page Number

Default 1
curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/component/lookup?keyword=string&size=100&page=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Bodyapplication/json
string
Response
application/json
"string"

Files

Operations

Folder

Operations

Project API

Operations

Inventory API

Operations

inventoryWorkflow

Operations

Jobs

Operations

ldap

Operations

license

Operations

sourceCodeManagement

Operations

Reports

Operations

Rules

Operations

Scan profiles

Operations

Task

Operations

Scan API

Operations

User API

Operations

vulnerability

Operations