Skip to content

Code Insight REST API Documentation (v1)

The Code Insight REST APIs provide a standardized interface for interacting with the application.

An authorization JWT token must be included in the HTTP Authorization header using the Bearer schema. The token can be obtained from the Code Insight Web UI under the Preferences menu. To set the token, click the Authorize button below on the right, enter the JWT token in the Value field, then click Authorize and close the dialog. Once authorized, the token will be automatically included in the HTTP Authorization header for all API requests made through the Swagger UI.

Note: If accessing the REST APIs through external tools such as curl or Postman, include the token manually in the HTTP header using the following format: Authorization: Bearer JWT_TOKEN. "Bearer" must precede the actual JWT token value.

Download OpenAPI description
swagger.json
swagger.yaml
Languages
Servers
Mock server
https://codeinsightapi.redocly.app/_mock/swagger
Code Insight REST API Server
https://codeinsightapi.redocly.app/codeinsight/api

Email Templates

Internal API for fetching custom email templates and images from core server

Operations

CodebaseFolder

Operations

Deprecated APIs

Operations

Component

Operations

Files

Operations

Folder

Operations

Project API

Operations

Get Project Inventories Delta from latest scan

Request

Returns a Delta list of inventory after latest scan and relevant details for a given project. All project users including Observer, Reviewer and Analyst can view project inventory of private/public projects.

Security
bearerAuth
Path
projectIdinteger(int64)required

ID of the Project

Example: 1
Query
inventoryUpdatedTypestring

Required param for inventoryUpdatedType: All | New Inventories | Updated Inventories | Removed Inventories

Default "All"
sizeinteger(int64)

Page Size. Number Of Records to fetch per page

Default 100
pageinteger(int64)

Page Number. Index of the page to start with(starts from 1)

Default 1
curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/project/inventoryDeltaFromLastScan/1?inventoryUpdatedType=All&size=100&page=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Get Project Id

Request

Returns projectId for a given projectName.

Security
bearerAuth
Query
projectNamestringrequired

Name of the Project (Example: eportal)

curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/project/id?projectName=string' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Bodyapplication/json
integer(int32)
Response
application/json
0

Get Project Inventory

Request

Returns a list of inventory and inventory details for a given project; includes a flag for a short/long version. All project users including Observer, Reviewer and Analyst can view project inventory of private projects.

Security
bearerAuth
Path
projectIdinteger(int64)required

ID of the Project

Example: 1
Query
skipVulnerabilitiesboolean

If true , hide vulnerability details in the response

Default false
publishedboolean

If true, then only published inventory items are returned; if false, then only not-published inventory items are returned;; if all, then all inventory items are returned

Default true
vendorstring

CPE Vendor name (Example: gnu)

productstring

CPE Product name (Example: zlib)

sizeinteger(int64)

Page Size. Number Of Records to fetch per page

Default 100
pageinteger(int64)

Page Number. Index of the page to start with(starts from 1)

Default 1
reviewStatusstring

return items based on the reviewStatus which we selected. Ex: if reviewStatus is APPROVED then only APPROVED items returned

Enum"READY_TO_REVIEW""DRAFT""APPROVED""REJECTED"
alertsstring

return items based the alert status selected. If alert status selected as OPEN then only open alerts returned

Enum"OPEN""CLOSED""ANY"
includeFilesboolean

If true, display the associated files to an Inventory(Default is true)

Default true
includeCopyrightsboolean

If true, display the copyrights of an Inventory(Default is false)

Default false
curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/project/inventory/1?skipVulnerabilities=false&published=true&vendor=string&product=string&size=100&page=1&reviewStatus=READY_TO_REVIEW&alerts=OPEN&includeFiles=true&includeCopyrights=false' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Bodyapplication/json
namestring

Inventory group name

Example: "git"
priorityobject(PicklistValue)
idinteger(int32)

Inventory group id

Example: 1
ownerstring

Owner

Example: "antlr"
publishedboolean

is published

Example: true
partOfProductstring

part of product

Enum"No""Yes""Unknown"
Example: "Unknown"
linkingstring

link type

Enum"Unknown""Not Linked""Statically Linked""Dynamically Linked"
Example: "Unknown"
inventoryTypestring
Enum"Work in Progress""Component""Material from Website""Material from Publication""License Only"
modifiedstring

modified

Enum"No""Yes""Unknown"
Example: "Unknown"
encryptedstring

encryption

Enum"No""Yes""Unknown"
Example: "Unknown"
usageTextstring

get usage text

Example: "usage"
distributedstring

distribution type

Enum"Unknown""Internal""External""Hosted-Any""Hosted for Internal Use""Hosted for External Use"
Example: "Unknown"
repositoryItemobject(RepositoryItem)
noticeTextstring

Notices text

Example: "Notice text"
disclosedboolean

is Disclosed

Example: true
confidencestring

Confidence

Enum"HIGHEST""HIGH""MEDIUM""LOW"
Example: "1"
priorityIdinteger(int32)
copyrightTextstring
projectIdinteger(int32)

Project Id

Example: 1
provenanceIdinteger(int32)
createDatestring(date-time)

Create on

updateDatestring(date-time)

updatedOn

linksArray of objects(InventoryLink)unique
licenseobject(License)

License

Example: 1
auditorReviewNotesstring

audit notes

Example: "good to go"
remediationNotesstring

Remediation notes

Example: "update this immediately"
workflowURLstring
associatedComponentVersionobject(ComponentVersion)
associatedComponentobject(Component)
associatedLicenseobject(License)

License

Example: 1
closedVulnerabilityAlertsArray of objects(InventoryAlert)unique
vulnerabilityAlertsArray of objects(InventoryAlert)unique
openVulnerabilityAlertsArray of objects(InventoryAlert)unique
autoStatusstring
Enum"DRAFT""PUBLISHED""NEEDS_REVIEW"
systemGeneratedboolean

System generated

Example: true
statusPolicyIdinteger(int32)
parentGroupIdinteger(int32)
rejectedByUpdateboolean
publishedDatestring(date-time)

publishedOn

licenseDetectionMethodstring(byte)
userUpdatedStatusstring
autoDetectionNotesstring

detection notes

Example: "Note"
descriptionstring

Description

Example: "Description"
statusstring
Enum"UNUSED0""UNUSED1""UNUSED2""UNUSED3""DRAFT""READY_TO_REVIEW""APPROVED""REJECTED"
asFoundLicenseTextstring

As found license text

Example: "Sample from file LICENSE.txt in file ePortal-2.0"
urlstring

Url

Example: "http://www.antlr.org"
fileCountinteger(int32)

File count

Example: 2000
dependencyScopestring
Response
application/json
{
  "name": "git",
  "priority": {
    "id": 0,
    "type": "INVENTORY_STATUS",
    "name": "string",
    "description": "string",
    "isDefault": true
  },
  "id": 1,
  "owner": "antlr",
  "published": true,
  "partOfProduct": "Unknown",
  "linking": "Unknown",
  "inventoryType": "Work in Progress",
  "modified": "Unknown",
  "encrypted": "Unknown",
  "usageText": "usage",
  "distributed": "Unknown",
  "repositoryItem": {
    "id": 0,
    "item": { … },
    "createdBy": "string",
    "createDate": "2019-08-24T14:15:22Z",
    "updateDate": "2019-08-24T14:15:22Z",
    "license": 1,
    "title": "string",
    "inUse": true,
    "componentVersion": { … },
    "component": { … }
  },
  "noticeText": "Notice text",
  "disclosed": true,
  "confidence": "1",
  "priorityId": 0,
  "copyrightText": "string",
  "projectId": 1,
  "provenanceId": 0,
  "createDate": "2019-08-24T14:15:22Z",
  "updateDate": "2019-08-24T14:15:22Z",
  "links": [
    { … }
  ],
  "license": 1,
  "auditorReviewNotes": "good to go",
  "remediationNotes": "update this immediately",
  "workflowURL": "string",
  "associatedComponentVersion": {
    "id": 0,
    "type": "Component",
    "displayName": "string",
    "deprecated": true,
    "versionLicenses": [ … ],
    "vulnerabilities": [ … ],
    "purl": "string",
    "versionName": "string",
    "sortedLicenses": [ … ],
    "customVulnerabilities": [ … ],
    "custom": true,
    "displayVersionName": "string",
    "licenses": [ … ],
    "component": { … }
  },
  "associatedComponent": {
    "name": "string",
    "id": 0,
    "default": true,
    "displayName": "string",
    "componentCPEs": [ … ],
    "externalId": "string",
    "componentForge": { … },
    "lastUpdateDate": "2019-08-24T14:15:22Z",
    "registeredDate": "2019-08-24T14:15:22Z",
    "encryption": true,
    "updatedBy": "string",
    "createdBy": "string",
    "modified": true,
    "custom": true,
    "title": "string",
    "sortedVersions": [ … ],
    "flagMask": 0,
    "sourceRepoUrl": "string",
    "popularity": 0,
    "sortedLicenses": [ … ],
    "description": "string",
    "versions": [ … ],
    "licenses": [ … ],
    "url": "string",
    "type": "Component"
  },
  "associatedLicense": 1,
  "closedVulnerabilityAlerts": [
    { … }
  ],
  "vulnerabilityAlerts": [
    { … }
  ],
  "openVulnerabilityAlerts": [
    { … }
  ],
  "autoStatus": "DRAFT",
  "systemGenerated": true,
  "statusPolicyId": 0,
  "parentGroupId": 0,
  "rejectedByUpdate": true,
  "publishedDate": "2019-08-24T14:15:22Z",
  "licenseDetectionMethod": "string",
  "userUpdatedStatus": "string",
  "autoDetectionNotes": "Note",
  "description": "Description",
  "status": "UNUSED0",
  "asFoundLicenseText": "Sample from file LICENSE.txt in file ePortal-2.0",
  "url": "http://www.antlr.org",
  "fileCount": 2000,
  "dependencyScope": "string"
}

Inventory API

Operations

inventoryWorkflow

Operations

Jobs

Operations

ldap

Operations

license

Operations

sourceCodeManagement

Operations

Reports

Operations

Rules

Operations

Scan profiles

Operations

Task

Operations

Scan API

Operations

User API

Operations

vulnerability

Operations