Skip to content

Code Insight REST API Documentation (v1)

The Code Insight REST APIs provide a standardized interface for interacting with the application.

An authorization JWT token must be included in the HTTP Authorization header using the Bearer schema. The token can be obtained from the Code Insight Web UI under the Preferences menu. To set the token, click the Authorize button below on the right, enter the JWT token in the Value field, then click Authorize and close the dialog. Once authorized, the token will be automatically included in the HTTP Authorization header for all API requests made through the Swagger UI.

Note: If accessing the REST APIs through external tools such as curl or Postman, include the token manually in the HTTP header using the following format: Authorization: Bearer JWT_TOKEN. "Bearer" must precede the actual JWT token value.

Download OpenAPI description
swagger.json
swagger.yaml
Languages
Servers
Mock server
https://codeinsightapi.redocly.app/_mock/swagger
Code Insight REST API Server
https://codeinsightapi.redocly.app/codeinsight/api

Email Templates

Internal API for fetching custom email templates and images from core server

Operations

CodebaseFolder

Operations

Deprecated APIs

Operations

Component

Operations

Files

Operations

Folder

Operations

Project API

Operations

Upload Report.

Request

Uploads and extracts a report zip file for a project.curl -H "Authorization: Bearer %jwt%" --form projectId=%projectId% --form reportId=%reportId% --form file=@"pdf_reports.zip" http://localhost:8888/codeinsight/api/projects/uploadReport

Security
bearerAuth
Bodymultipart/form-data
projectIdinteger(int32)
reportIdinteger(int32)
fileobject(FormDataContentDisposition)
curl -i -X POST \
  https://codeinsightapi.redocly.app/_mock/swagger/projects/uploadReport \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: multipart/form-data' \
  -F projectId=0 \
  -F reportId=0 \
  -F 'file[type]=string' \
  -F 'file[parameters][property1]=string' \
  -F 'file[parameters][property2]=string' \
  -F 'file[fileName]=string' \
  -F 'file[creationDate]=2019-08-24T14:15:22Z' \
  -F 'file[modificationDate]=2019-08-24T14:15:22Z' \
  -F 'file[readDate]=2019-08-24T14:15:22Z' \
  -F 'file[size]=0' \
  -F 'file[name]=string'

Responses

OK

Import Project Data

Request

Imports project data for a given projectId. Only Project Owner and Analyst can Import Project Data into a private project.
Try it out is not available for this API. This API can be tested using conventional REST API clients such as postman or cURL
When calling this API from a REST client, you need to run either of the curl commands.
Save the required attributes in a json or a text file for project import and provide that file in the command. If you are using text file, don't give .txt extension.

curl -H "Authorization:Bearer %jwt%" -F importFile=@"fileToImport.zip" -F projectImportModel=@"JsonFile.json Or textFile;type=application/json" http://localhost:8888/codeinsight/api/projects/%projectId%/import

Or else, instead of providing file, you can directly define the attributes for projectImportModel inside curly braces.
Provide 'FileMatchingCriteria' either of the below values:
COMPLETE_FILEPATH|PARTIAL_FILEPATH|FILENAME|MD5|MD5_AND_FILENAME|MD5_AND_COMPLETE_FILEPATH|MD5_AND_PARTIAL_FILEPATH

Security
bearerAuth
Path
projectIdinteger(int32)>= 1required
Bodymultipart/form-data
File to importobject
Project Import Modelobject(ProjectImportModel)
curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/projects/{projectId}/import' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: multipart/form-data' \
  -F 'Project Import Model[createEmptyInventory]=false' \
  -F 'Project Import Model[overwriteInventoryNotes]=true' \
  -F 'Project Import Model[addFilesToInventory]=true' \
  -F 'Project Import Model[inventoryFileMatchingCriteria]=COMPLETE_FILEPATH' \
  -F 'Project Import Model[inventoryDirectoryDepth]=1' \
  -F 'Project Import Model[markFilesAsReviewed]=true' \
  -F 'Project Import Model[reviewFileMatchingCriteria]=MD5_AND_COMPLETE_FILEPATH' \
  -F 'Project Import Model[reviewDirectoryDepth]=1' \
  -F 'Project Import Model[resetInventoryUsage]=true'

Responses

OK

Import Sbom

Request

Imports Sbom for a given projectId. Only Project Owner and Analyst can Import Project Sbom into a private project.
Try it out is not available for this API. This API can be tested using conventional REST API clients such as postman or cURL. When calling this API from a REST client, you need to run either of the curl commands.

curl -H "Authorization:Bearer %jwt%" -F sbomFile=@"fileToImport.json;type=application/json" http://localhost:8888/codeinsight/api/projects/%projectId%/importSbom
Security
bearerAuth
Path
projectIdinteger(int32)>= 1required
Bodymultipart/form-data
Sbom File to importobject
sbomFileobject(FormDataContentDisposition)
Delete SBOM bucketstring
curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/projects/{projectId}/importSbom' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: multipart/form-data' \
  -F 'sbomFile[type]=string' \
  -F 'sbomFile[parameters][property1]=string' \
  -F 'sbomFile[parameters][property2]=string' \
  -F 'sbomFile[fileName]=string' \
  -F 'sbomFile[creationDate]=2019-08-24T14:15:22Z' \
  -F 'sbomFile[modificationDate]=2019-08-24T14:15:22Z' \
  -F 'sbomFile[readDate]=2019-08-24T14:15:22Z' \
  -F 'sbomFile[size]=0' \
  -F 'sbomFile[name]=string' \
  -F 'Delete SBOM bucket=string'

Responses

OK

Inventory API

Operations

inventoryWorkflow

Operations

Jobs

Operations

ldap

Operations

license

Operations

sourceCodeManagement

Operations

Reports

Operations

Rules

Operations

Scan profiles

Operations

Task

Operations

Scan API

Operations

User API

Operations

vulnerability

Operations