Skip to content

Code Insight REST API Documentation (v1)

The Code Insight REST APIs provide a standardized interface for interacting with the application.

An authorization JWT token must be included in the HTTP Authorization header using the Bearer schema. The token can be obtained from the Code Insight Web UI under the Preferences menu. To set the token, click the Authorize button below on the right, enter the JWT token in the Value field, then click Authorize and close the dialog. Once authorized, the token will be automatically included in the HTTP Authorization header for all API requests made through the Swagger UI.

Note: If accessing the REST APIs through external tools such as curl or Postman, include the token manually in the HTTP header using the following format: Authorization: Bearer JWT_TOKEN. "Bearer" must precede the actual JWT token value.

Download OpenAPI description
swagger.json
swagger.yaml
Languages
Servers
Mock server
https://codeinsightapi.redocly.app/_mock/swagger
Code Insight REST API Server
https://codeinsightapi.redocly.app/codeinsight/api

Email Templates

Internal API for fetching custom email templates and images from core server

Operations

CodebaseFolder

Operations

Deprecated APIs

Operations

Component

Operations

Files

Operations

Folder

Operations

Project API

Operations

Inventory API

Operations

inventoryWorkflow

Operations

Jobs

Operations

ldap

Operations

license

Operations

sourceCodeManagement

Operations

Perforce scmInstances

Request

Updates an instance of Perforce SCM.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
instanceIdinteger(int64)>= 0required

ID of the SCM instance

Bodyapplication/jsonrequired
urlstring[ 0 .. 2400 ] characters

url

userNamestring[ 0 .. 255 ] characters

userName

Example: "abc"
passwordstring[ 0 .. 255 ] characters

password

Example: "abc"
branchSpecstring[ 0 .. 255 ] characters

branchSpec

changeListNumstring[ 0 .. 255 ] characters

changeListNum

labelstring[ 0 .. 255 ] characters

label

curl -i -X PUT \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/Perforce?projectId=1&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "string",
    "userName": "abc",
    "password": "abc",
    "branchSpec": "string",
    "changeListNum": "string",
    "label": "string"
  }'

Responses

Ok

Perforce scmInstances

Request

Create a new instance of Perforce SCM.
url - URL in the format: <protocol>:<host>:<port>/<depot>,or else configured P4PORT will be taken a default url.
userName/password - userName/password or else configured P4USER/P4PASSWD will be taken a default.
branchSpec - branchSpec(<Depot>/<ProjectPath>)
changeListNum/label - changeListNum/label Or leave blank to sync to the head revision.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
Bodyapplication/jsonrequired
urlstring[ 0 .. 2400 ] characters

url

userNamestring[ 0 .. 255 ] characters

userName

Example: "abc"
passwordstring[ 0 .. 255 ] characters

password

Example: "abc"
branchSpecstring[ 0 .. 255 ] characters

branchSpec

changeListNumstring[ 0 .. 255 ] characters

changeListNum

labelstring[ 0 .. 255 ] characters

label

curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/Perforce?projectId=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "string",
    "userName": "abc",
    "password": "abc",
    "branchSpec": "string",
    "changeListNum": "string",
    "label": "string"
  }'

Responses

Created

Git scmInstances

Request

Updates an instance of Git SCM.
url* - Enter one repository URL and branch/ tag/ commit ID in individual fields or one or more repository URLs separated by comma.
You can include a branch, tag, or commit ID notation as part of the URL.
userName/password - userName/password for authenticated access to the repository. Leave blank for anonymous or SSH access.
branch/commitId/tag - branch, tag or commit ID. Specify one of these values. Or leave blank to sync to the master branch.
These three fields will be considered only when single URL is provided without branch/ tag/ commit ID properties in the URL.
expansionLevel - (Optional, Integer, default: 1, values: 1/2/3) Control archive extraction depth: 1=None (no extraction), 2=Top-level archives only, 3=Recursive (nested archives).
deleteArchiveAfterExpand - (Optional, Boolean, default: false) Delete archive files after extraction to save disk space. Note: This field is only applicable when expansionLevel is 2 or 3.
archiveDirSuffix - (Optional, String, max: 20 chars) Suffix to be added to the expanded folder. Value cannot be more than 20 characters and cannot contain the following special characters: \ / : * ? " < > | \0 (Example: _Expanded). Note: This field is only applicable when expansionLevel is 2 or 3.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
instanceIdinteger(int64)>= 0required

ID of the SCM instance

Bodyapplication/jsonrequired
urlstring[ 0 .. 65535 ] charactersrequired

url

Example: "E.g. https://host.xz/path/to/repo.git or https://host.xz/path/to/repo.git~~branch1 or user@host:path/repo.git>>cmID123 or https://host.xz/path/to/repo.git^^tag1.1 or https://host.xz/path/to/repo.git~~branch1**FolderA or user@host:path/repo.git>>cmID123**FolderB or https://host.xz/path/to/repo.git^^tag1.1**FolderC or https://host.xz/path/to/repo.git**FolderD"
userNamestring[ 0 .. 255 ] characters

userName

Example: "abc"
passwordstring[ 0 .. 255 ] characters

password

Example: "abc"
branchstring[ 0 .. 255 ] characters

branch

Example: "master"
commitIdstring[ 0 .. 255 ] characters

commitId

tagstring[ 0 .. 255 ] characters

tag

deleteArchiveAfterExpandboolean

deleteArchiveAfterExpand

Default false
Example: true
expansionLevelinteger(int32)

expansionLevel

Default 1
Enum123
Example: 2
archiveDirSuffixstring[ 0 .. 20 ] characters

archiveDirSuffix

Example: "_Expanded"
curl -i -X PUT \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/Git?projectId=1&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "E.g. https://host.xz/path/to/repo.git or https://host.xz/path/to/repo.git~~branch1 or user@host:path/repo.git>>cmID123 or https://host.xz/path/to/repo.git^^tag1.1 or https://host.xz/path/to/repo.git~~branch1**FolderA or user@host:path/repo.git>>cmID123**FolderB or https://host.xz/path/to/repo.git^^tag1.1**FolderC or https://host.xz/path/to/repo.git**FolderD",
    "userName": "abc",
    "password": "abc",
    "branch": "master",
    "commitId": "string",
    "tag": "string",
    "deleteArchiveAfterExpand": true,
    "expansionLevel": 2,
    "archiveDirSuffix": "_Expanded"
  }'

Responses

Ok

Git scmInstances

Request

Create a new instance of Git SCM.
url* - Enter one repository URL and branch/ tag/ commit ID in individual fields or one or more repository URLs separated by comma.
You can include a branch, tag, or commit ID notation as part of the URL.
userName/password - userName/password for authenticated access to the repository. Leave blank for anonymous or SSH access.
branch/commitId/tag - branch, tag or commit ID. Specify one of these values. Or leave blank to sync to the master branch.
These three fields will be considered only when single URL is provided without branch/ tag/ commit ID properties in the URL.
expansionLevel - (Optional, Integer, default: 1, values: 1/2/3) Control archive extraction depth: 1=None (no extraction), 2=Top-level archives only, 3=Recursive (nested archives).
deleteArchiveAfterExpand - (Optional, Boolean, default: false) Delete archive files after extraction to save disk space. Note: This field is only applicable when expansionLevel is 2 or 3.
archiveDirSuffix - (Optional, String, max: 20 chars) Suffix to be added to the expanded folder. Value cannot be more than 20 characters and cannot contain the following special characters: \ / : * ? " < > | \0 (Example: _Expanded). Note: This field is only applicable when expansionLevel is 2 or 3.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
Bodyapplication/jsonrequired
urlstring[ 0 .. 65535 ] charactersrequired

url

Example: "E.g. https://host.xz/path/to/repo.git or https://host.xz/path/to/repo.git~~branch1 or user@host:path/repo.git>>cmID123 or https://host.xz/path/to/repo.git^^tag1.1 or https://host.xz/path/to/repo.git~~branch1**FolderA or user@host:path/repo.git>>cmID123**FolderB or https://host.xz/path/to/repo.git^^tag1.1**FolderC or https://host.xz/path/to/repo.git**FolderD"
userNamestring[ 0 .. 255 ] characters

userName

Example: "abc"
passwordstring[ 0 .. 255 ] characters

password

Example: "abc"
branchstring[ 0 .. 255 ] characters

branch

Example: "master"
commitIdstring[ 0 .. 255 ] characters

commitId

tagstring[ 0 .. 255 ] characters

tag

deleteArchiveAfterExpandboolean

deleteArchiveAfterExpand

Default false
Example: true
expansionLevelinteger(int32)

expansionLevel

Default 1
Enum123
Example: 2
archiveDirSuffixstring[ 0 .. 20 ] characters

archiveDirSuffix

Example: "_Expanded"
curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/Git?projectId=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "E.g. https://host.xz/path/to/repo.git or https://host.xz/path/to/repo.git~~branch1 or user@host:path/repo.git>>cmID123 or https://host.xz/path/to/repo.git^^tag1.1 or https://host.xz/path/to/repo.git~~branch1**FolderA or user@host:path/repo.git>>cmID123**FolderB or https://host.xz/path/to/repo.git^^tag1.1**FolderC or https://host.xz/path/to/repo.git**FolderD",
    "userName": "abc",
    "password": "abc",
    "branch": "master",
    "commitId": "string",
    "tag": "string",
    "deleteArchiveAfterExpand": true,
    "expansionLevel": 2,
    "archiveDirSuffix": "_Expanded"
  }'

Responses

Created

scmInstances

Request

Fetch details of scm instances of a project.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
scmTypestring
Enum"GIT""TFS""PERFORCE""SUBVERSION"
instanceIdinteger(int64)>= 0

ID of the SCM instance

curl -i -X GET \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances?projectId=1&scmType=GIT&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Ok

Bodyapplication/json
propertyListArray of objects
scmtypestring
Response
application/json
{
  "propertyList": [
    { … }
  ],
  "scmtype": "string"
}

scmInstances

Request

Test connection api for scm instances

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
scmTypestringrequired
Default "GIT"
Enum"GIT""TFS""PERFORCE""SUBVERSION"
instanceIdinteger(int64)>= 0required

ID of the SCM instance

curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances?projectId=1&scmType=GIT&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Ok

scmInstances

Request

Deletes an instance of a particular SCMType.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
scmTypestringrequired
Default "GIT"
Enum"GIT""TFS""PERFORCE""SUBVERSION"
instanceIdinteger(int64)>= 0required

ID of the SCM instance

curl -i -X DELETE \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances?projectId=1&scmType=GIT&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Ok

Subversion scmInstances

Request

Updates an instance of Subversion SCM.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
instanceIdinteger(int64)>= 0required

ID of the SCM instance

Bodyapplication/jsonrequired
urlstring[ 0 .. 2400 ] charactersrequired

url

userNamestring[ 0 .. 255 ] characters

userName

Example: "abc"
passwordstring[ 0 .. 255 ] characters

password

Example: "abc"
revisionNumberstring[ 0 .. 255 ] characters

revisionNumber

curl -i -X PUT \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/Subversion?projectId=1&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "string",
    "userName": "abc",
    "password": "abc",
    "revisionNumber": "string"
  }'

Responses

Ok

Subversion scmInstances

Request

Create a new instance of Subversion SCM.
url* - URL in the format: <protocol>://<host>/<svnroot>/<repository>
userName/password - userName/password or leave blank for anonymous connection
revisionNumber - revision for which you want to create workspace and run scan on the same.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
Bodyapplication/jsonrequired
urlstring[ 0 .. 2400 ] charactersrequired

url

userNamestring[ 0 .. 255 ] characters

userName

Example: "abc"
passwordstring[ 0 .. 255 ] characters

password

Example: "abc"
revisionNumberstring[ 0 .. 255 ] characters

revisionNumber

curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/Subversion?projectId=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "string",
    "userName": "abc",
    "password": "abc",
    "revisionNumber": "string"
  }'

Responses

Created

TFS scmInstances

Request

Updates an instance of TFS SCM.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
instanceIdinteger(int64)>= 0required

ID of the SCM instance

Bodyapplication/jsonrequired
urlstring[ 0 .. 2400 ] charactersrequired

url

usernamestring[ 0 .. 255 ] charactersrequired

userName

Example: "abc"
passwordstring[ 0 .. 255 ] charactersrequired

password

Example: "abc"
changeSetstring[ 0 .. 255 ] characters

changeSet

labelstring[ 0 .. 255 ] characters

label

curl -i -X PUT \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/TFS?projectId=1&instanceId=0' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "string",
    "username": "abc",
    "password": "abc",
    "changeSet": "string",
    "label": "string"
  }'

Responses

Ok

TFS scmInstances

Request

Create a new instance of TFS SCM.
url* - URL in the below format:
<protocol>:<host>:<port>/<tfsroot>/<collection>/<project>
URL format for TFS 2016 and above:
<protocol>:<host>:<port>/<collection>/<project>
userName/password* - userName/password for authentication
changeSet - changeset you wish to sync.If Changeset is not provided, latest revision will be synced unless Label is specified.
label - Label you wish to sync. If Label is not provided, latest revision will be synced unless changeset is specified.

Security
bearerAuth
Query
projectIdinteger(int64)>= 1required

ID of the project

Example: projectId=1
Bodyapplication/jsonrequired
urlstring[ 0 .. 2400 ] charactersrequired

url

usernamestring[ 0 .. 255 ] charactersrequired

userName

Example: "abc"
passwordstring[ 0 .. 255 ] charactersrequired

password

Example: "abc"
changeSetstring[ 0 .. 255 ] characters

changeSet

labelstring[ 0 .. 255 ] characters

label

curl -i -X POST \
  'https://codeinsightapi.redocly.app/_mock/swagger/scmInstances/TFS?projectId=1' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "url": "string",
    "username": "abc",
    "password": "abc",
    "changeSet": "string",
    "label": "string"
  }'

Responses

Created

Reports

Operations

Rules

Operations

Scan profiles

Operations

Task

Operations

Scan API

Operations

User API

Operations

vulnerability

Operations