Skip to content

Code Insight REST API Documentation (v1)

The Code Insight REST APIs provide a standardized interface for interacting with the application.

An authorization JWT token must be included in the HTTP Authorization header using the Bearer schema. The token can be obtained from the Code Insight Web UI under the Preferences menu. To set the token, click the Authorize button below on the right, enter the JWT token in the Value field, then click Authorize and close the dialog. Once authorized, the token will be automatically included in the HTTP Authorization header for all API requests made through the Swagger UI.

Note: If accessing the REST APIs through external tools such as curl or Postman, include the token manually in the HTTP header using the following format: Authorization: Bearer JWT_TOKEN. "Bearer" must precede the actual JWT token value.

Download OpenAPI description
swagger.json
swagger.yaml
Languages
Servers
Mock server
https://codeinsightapi.redocly.app/_mock/swagger
Code Insight REST API Server
https://codeinsightapi.redocly.app/codeinsight/api

Email Templates

Internal API for fetching custom email templates and images from core server

Operations

CodebaseFolder

Operations

Deprecated APIs

Operations

Component

Operations

Files

Operations

Folder

Operations

Project API

Operations

project status

Request

Updates the status of a project. By default, a newly created project has the status "Not Started". After scanning begins, the status is automatically updated to "Analysis In Progress". Note: ProjectAction can be specified with below values:

  • Update Status Only: Only updates the status of the project, if project status is kept COMPLETED, it will lock the current project.
  • Lock Child Projects: Locks all child projects of the current project. (allowed only if project status is kept COMPLETED)
  • Unlock Child Projects: Unlocks all child projects of the current project. (allowed only if project status is not COMPLETED) Use projectAction to control the locking behavior in relation to the project's current status.
Security
bearerAuth
Path
projectIdinteger(int64)>= 1required

ID of the Project

Example: 1
Query
statusstringrequired
Default "Not Started"
Enum"Not Started""Analysis In Progress""Analysis Completed""Project Completed"
projectActionstringrequired
Default "Update Status Only"
Enum"Update Status Only""Lock Child Projects""Unlock Child Projects"
curl -i -X PUT \
  'https://codeinsightapi.redocly.app/_mock/swagger/projects/1/status?status=Not+Started&projectAction=Update+Status+Only' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

OK

Upload Report.

Request

Uploads and extracts a report zip file for a project.curl -H "Authorization: Bearer %jwt%" --form projectId=%projectId% --form reportId=%reportId% --form file=@"pdf_reports.zip" http://localhost:8888/codeinsight/api/projects/uploadReport

Security
bearerAuth
Bodymultipart/form-data
projectIdinteger(int32)
reportIdinteger(int32)
fileobject(FormDataContentDisposition)
curl -i -X POST \
  https://codeinsightapi.redocly.app/_mock/swagger/projects/uploadReport \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: multipart/form-data' \
  -F projectId=0 \
  -F reportId=0 \
  -F 'file[type]=string' \
  -F 'file[parameters][property1]=string' \
  -F 'file[parameters][property2]=string' \
  -F 'file[fileName]=string' \
  -F 'file[creationDate]=2019-08-24T14:15:22Z' \
  -F 'file[modificationDate]=2019-08-24T14:15:22Z' \
  -F 'file[readDate]=2019-08-24T14:15:22Z' \
  -F 'file[size]=0' \
  -F 'file[name]=string'

Responses

OK

Import Project Data

Request

Imports project data for a given projectId. Only Project Owner and Analyst can Import Project Data into a private project.
Try it out is not available for this API. This API can be tested using conventional REST API clients such as postman or cURL
When calling this API from a REST client, you need to run either of the curl commands.
Save the required attributes in a json or a text file for project import and provide that file in the command. If you are using text file, don't give .txt extension.

curl -H "Authorization:Bearer %jwt%" -F importFile=@"fileToImport.zip" -F projectImportModel=@"JsonFile.json Or textFile;type=application/json" http://localhost:8888/codeinsight/api/projects/%projectId%/import

Or else, instead of providing file, you can directly define the attributes for projectImportModel inside curly braces.
Provide 'FileMatchingCriteria' either of the below values:
COMPLETE_FILEPATH|PARTIAL_FILEPATH|FILENAME|MD5|MD5_AND_FILENAME|MD5_AND_COMPLETE_FILEPATH|MD5_AND_PARTIAL_FILEPATH

Security
bearerAuth
Path
projectIdinteger(int32)>= 1required
Bodymultipart/form-data
File to importobject
Project Import Modelobject(ProjectImportModel)
curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/projects/{projectId}/import' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: multipart/form-data' \
  -F 'Project Import Model[createEmptyInventory]=false' \
  -F 'Project Import Model[overwriteInventoryNotes]=true' \
  -F 'Project Import Model[addFilesToInventory]=true' \
  -F 'Project Import Model[inventoryFileMatchingCriteria]=COMPLETE_FILEPATH' \
  -F 'Project Import Model[inventoryDirectoryDepth]=1' \
  -F 'Project Import Model[markFilesAsReviewed]=true' \
  -F 'Project Import Model[reviewFileMatchingCriteria]=MD5_AND_COMPLETE_FILEPATH' \
  -F 'Project Import Model[reviewDirectoryDepth]=1' \
  -F 'Project Import Model[resetInventoryUsage]=true'

Responses

OK

Inventory API

Operations

inventoryWorkflow

Operations

Jobs

Operations

ldap

Operations

license

Operations

sourceCodeManagement

Operations

Reports

Operations

Rules

Operations

Scan profiles

Operations

Task

Operations

Scan API

Operations

User API

Operations

vulnerability

Operations