Support Snyk Learn
API docs
Product updates Sign up for free

API endpoints index and notes

This list includes the categories and names of REST GA and beta and V1 API endpoints, with the URL in the reference docs for each endpoint, and links to related information where available. REST is the default, and GA is the status unless beta is noted. V1 API is specified where applicable. This listing is a work in progress; additional information is being added continually. For additional information, see Solutions for specific use cases and Scenarios for using Snyk API.

AccessRequests (beta)

Get access requests

Apps

More information: Snyk Apps

Get a list of apps installed for a group

Install a Snyk App to this group

Revoke app authorization for a Snyk Group with install ID

Manage client secret for non-interactive Snyk App installations

DEPRECATED Get a list of app bots authorized to an organization

Replaced by: Get a list of apps installed for an organization

DEPRECATED Revoke app bot authorization

Replaced by: Revoke app authorization for a Snyk Group with install ID

See also: Revoke access for an app by install ID

DEPRECATED Get a list of apps created by an organization

Replaced by: Get a list of apps created by an organization

More information: Manage App details

DEPRECATED Create a new app for an organization

Replaced by: Create a new Snyk App for an organization

More information: Create a Snyk App using the Snyk API

Get a list of apps created by an organization

Replaces: DEPRECATED Get a list of apps created by an organization

Create a new Snyk App for an organization

Replaces: DEPRECATED Create a new app for an organization

Get a Snyk APP by its App ID

Replaces: DEPRECATED Get an app by client id

Delete an app by its App ID

Replaces: DEPRECATED Delete an app

More information: Manage App details

Update app creation attributes such as name, redirect URIs, and access token time to live using the App ID

Replaces: DEPRECATED Update App attributes that are name, redirect URIs, and access token time to live

More information: Manage App details

Manage client secret for the Snyk App

More information: Manage App details

Get a list of apps installed for an organization

Replaces: DEPRECATED Get a list of app bots authorized to an organization

Install a Snyk App to this organization

Revoke app authorization for a Snyk Organization with install ID

See also: Revoke app authorization for a Snyk Group with install ID

Manage client secret for non-interactive Snyk App installations

Replaces: DEPRECATED Manage client secrets for an app

DEPRECATED Get an app by client id

Replaced by: Get a Snyk App by its App ID

DEPRECATED Delete an app

Replaced by: Delete an app by its App ID

DEPRECATED Update app attributes that are name, redirect URIs, and access token time to live

Replaced by: Update app creation attributes such as name, redirect URIs, and access token time to live using the App ID

DEPRECATED Manage client secrets for an app

Replaced by: Revoke an app

Get a list of apps that can act on your behalf

Get a list of apps installed for a user

Revoke access for an app by install ID

Replaces: DEPRECATED Revoke app bot authorization

Revoke an app

Get a list of active OAuth sessions for the app

Revoke an active user app session

Audit Logs

Search Group audit logs

More information: Filter through your audit logs more efficiently with the new GA REST version of the audit logs API, and api.access is now opt-in; Retrieve audit logs of user-initiated activity by API for an Org or Group

Search Organization audit logs

More information: Retrieve audit logs of user-initiated activity by API for an Org or Group

Audit logs (v1)

Group level audit logs

Get group level audit logs

To find who created an Org-level or Group-level service account, use API v1 Get group level audit logs or Get organization level audit logs to find the event that shows service account creation, deletion, or edit.

Migrated Get group level audit logs

Organization level audit logs

Get organization level audit logs

To find who created an Org-level or Group-level service account, use API v1 Get group level audit logs or and Get organization level audit logs to find the event that shows service account creation, deletion, or edit.

Migrated Get organization level audit logs

Cloud (beta)

List Environments

Create New Environment

Delete Environment

Update Environment

Generate Cloud Provider Permissions

List Resources

List Scans

Create Scan

Get scan

Collection

Get collections

Create a collection

Get a collection

Delete a collection

Edit a collection

Get projects from the specified collection

Add projects to a collection

Remove projects from a collection

ContainerImage

List instances of container image

Get instance of container image

List instances of image target references for a container image

Custom Base Images

More information: Use Custom Base Image Recommendations

Get a custom base image collection

Create a Custom Base Image from an existing container project

More information: Use Custom Base Image Recommendations: Mark the created Project as a custom base image

Get a custom base image

Delete a custom base image

Update a custom base image

Dependencies (v1)

Dependencies by organization

List all dependencies

Migrated List all dependencies

Entitlements (v1)

Entitlements by organization

List all entitlements

Migrated list all entitlements

A specific entitlement by organization

Get an organization's entitlement value

Migrated Get an organization's entitlement value

Groups (beta)

Get all groups

Get a group

More information: Org and group identification for Projects

Get all SSO connections for a group

Get all users using a given SSO connection

Delete a user from a Group SSO connection

More information: Remove members from Groups and Orgs using the API and Retrieve audit logs of user-initiated activity by API for an Org or Group.

Groups (v1)

Group settings

View group settings

Migrated View group settings

Update group settings

Migrated Update group settings

List members in a group

List all members in a group

Migrated List all members in a group

More information: Remove members from Groups and Orgs using the API.

Members in an organization of a group

Add a member to an organization within a group

Migrated Add a member to an organization within a group

List all tags in a group

List all tags in a group

Migrated List all tags in a group

Delete Tag From Group

Delete tag from group

Migrated Delete tag from group

List all organizations in a group

List all organizations in a group

Migrated List all organizations in a group

More information: Org and group identification for Projects

List all roles in a group

List all roles in a group

Migrated List all roles in a group

More information: Update member roles using the V1 API.

IacSettings

Get the Infrastructure as Code Settings for a group

Update the Infrastructure as Code Settings for a group

More information: Use a remote IaC custom rules bundle, IaC custom rules within a pipeline, Use a remote IaC custom rules bundle

Get the Infrastructure as Code Settings for an org

Update the Infrastructure as Code Settings for an org

More information: Use a remote IaC custom rules bundle, Use a remote IaC custom rules bundle

Import Projects (v1)

Import

Import targets

The Snyk API v1 endpoint Import targets can be used to import Snyk Projects. Using this endpoint, you can automate importing multiple repositories; see Manage code vulnerabilities.

If this fails, use Get import job details to help determine why. There are two types of failures:

  • The repository was rejected for processing, that is, HTTP status code 201 was not returned. This happens if there is an issue Snyk can see quickly for example:

    • The repository does not exist.

    • The repository is unreachable by Snyk because the token is invalid or does not have sufficient permissions; there is no default branch.

  • The repository was accepted for processing, that is, the user got back HTTP status code 201 and a url to poll, but no projects were detected or some failed. This may occur because:

    • There are no Snyk-supported manifests in this repository.

    • The repository is archived and the Snyk API calls to fetch files fail.

    • The individual project or manifest had issues during processing. In this case Snyk returns success: false with a message in the log.

The poll results return a message per manifest processed, either success: true or success: false.

Migrated import targets

Import job

Get import job details

Migrated Get import job details

Integrations (v1)

Integrations

List

Migrated List integrations

Add new integration

Migrated Add new integration

Integration

Update existing integration

Migrated Update existing integration

Integration authentication

Delete credentials

Migrated Delete credentials

Integration broker token provisioning

Provision new broker token

Migrated Provision new broker token

Integration broker token switching

Switch between broker tokens

Migrated Switch between broker tokens

Integration cloning

Clone an integration (with settings and credentials)

Migrated Clone an integration (with settings and credentials)

Integration by type

Get existing integration by type

Migrated Get existing integration by type

Integration settings

Retrieve

Migrated Retrieve integration settings

Update

Migrated Update integration settings

Invites

See also: Migrated invite users

List pending user invitations to an organization

Invite a user to an organization

Cancel a pending user invitations to an organization

Issues

Get issues by group ID

Get an issue

Note: Remedies are not included in the response at this time.

Get issues by org ID

Get an issue

List issues for a given set of packages (Currently not available to all customers)

List issues for a package

Licenses (v1)

Licenses by organization

List all licenses

Migrated List all licenses

Monitor (v1)

Dep Graph

More information: Dep Graph API

Monitor Dep Graph

OpenAPI

List available versions of OpenAPI specification

Get OpenAPI specification effective at version

Organizations (v1)

The Snyk organization for a request

List all the organizations a user belongs to

Migrated List all the organizations a user belongs to

More information: Org and group identification for Projects

Create organization

Create a new organization

Migrated Create a new organization

Notification settings

Get organization notification settings

Migrated Get organization notification settings

Set notification settings

Migrated Set notification settings

User invitation to organization

Invite users

Migrated Invite users

Members in organization

List members

Migrated List members

More information: Update member roles using the V1 API and Remove members from Groups and Orgs using the API.

Organization settings

View organization settings

Migrated View organization settings

Update organization settings

Migrated Update organization settings

Manage roles in organization

Update a member in the organization

Migrated Update a member in the organization

Remove a member from the organization

Migrated Remove a member from the organization

More information: Remove members from Groups and Orgs using the API.

Update member roles in your organization

Update a member's role in the organization

Migrated Update a member's role in the organization

More information: Update member roles using the V1 API.

Manage organization

Remove organization

Migrated Remove organization

Provision user

More information: Provision users to Organizations using the V1 API.

Provision a user to the organization

Migrated Provision a user to the organization

List pending user provisions

Migrated List pending user provisions

Delete pending user provision

Migrated Delete pending user provision

Orgs (GA and beta)

List all organizations in a group

List accessible organizations

Get an ORG (beta)

Get organization

More information: Org and group identification for Projects

Update organization

Projects

List all Projects for an Org with the given Org ID

The query-string parameter types is optional. The endpoint does not enforce specific project types and will return no matching projects if you enter a string that does not match a project type.

Get project by project ID

Delete project by project ID

Updates project by project ID

Projects (v1)

More information: Project type responses from API

Individual project

Retrieve a single project

Migrated Retrieve a single project

Update a project

Migrated Update a project

Delete a project

Migrated Delete a project

Deactivate an individual project

Deactivate

Migrated Deactivate an individual project

Activate an individual project

Activate

Migrated Activate an individual project

Aggregated Project issues

List all Aggregated issues

Migrated List all aggregated issues

The Snyk V1 API endpoint List all aggregated issues returns an array of ignoreReasons for each vulnerability. This happens because ignores implemented using the CLI and API are path-based and thus potentially could have different ignoreReasons for different paths. Because List all aggregated issues returns only one issue for all paths, the entire set of reasons is returned. Snyk groups issues together by their identifier, so one response for the List all aggregated issues endpoint could correspond to the same issue across multiple paths. Thus the ignoredReason is across all issues that are aggregated and applies to that single grouped issue.

Project Issue Paths

More information: V1 API Project issue paths endpoints

List all project issue paths

Migrated List all project issue paths

Project History

List all project snapshots

Migrated List all project snapshots

Aggregated Project Snapshot Issues

List all project snapshot aggregated issues

Migrated List all project snapshot aggregated issues

Project Snapshot Issue Paths

List all project snapshot issue paths

Migrated List all project snapshot issue paths

Project dependency graph

Get Project dependency graph

Migrated Get Project dependency graph

Project ignores

List all ignores

Migrated List all ignores

Ignored issues

Retrieve ignore

Migrated Retrieve ignore

Add ignore

Migrated Add ignore

Replace ignores

Migrated Replace ignores

Delete ignores

Migrated Delete ignores

Project jira issues

List all jira issues

Migrated List all jira issues

Create jira issue

Migrated Create Jira issue

Project settings

List project settings

Migrated List project settings

Update project settings

Migrated Update project settings

Delete project settings

Migrated Delete project settings

Move project

Move project to a different organization

Migrated Move project to a different organization

Project tags

Add a tag to a project

Migrated Add a tag to a project

Remove project tag

Remove a tag from a project

Migrated Remove a tag from a project

Project Attributes

Applying attributes

By using the Snyk API v1 endpoint Applying attributes you can set attributes for Snyk Projects including business criticality, lifecycle stage, and environment once the project has been created . To do so:

  • Import the project using the Snyk API v1 endpoint Import targets.

  • Get the status API ID from Import targets.

  • Poll using Import job details until all imports have completed.

  • Parse the project IDs from the projectURL field.

  • Use the Applying attributes endpoint to set the project attributes.

Migrated Applying attributes

Pull request templates

More information: Create and manage a custom PR template using the API.

Get pull request template for group

Create or update pull request template for group

Delete pull request template for group

Reporting API (v1)

Latest issues

Get list of latest issues

To list all projects that have a vulnerability linked to a CVE use the capability to filter on strings with the Get list of latest issues and Get List of issues reporting endpoints. Filter by the identifier attribute.

To get a list of issues that have been fixed: Use Get list of latest issues and filter by “isFixed”: true in the request body. This endpoint also provides a list of all IaC issues.

Migrated Get list of latest issues

Issues

Get list of issues

To list all projects that have a vulnerability linked to a CVE use the capability to filter on strings with the Get list of latest issues and Get List of issues (reporting) endpoints. Filter by the identifier attribute.

Migrated Get list of issues

Latest issue counts

Get latest issue counts

Migrated latest issue counts

Issue counts over time

Get issue counts

Migrated Get Issue counts

Latest project counts

Get latest project counts

Migrated Get latest project counts

Project counts over time

Get project counts

Migrated Get project counts

Test counts

Get test counts

Migrated test counts

SBOM (GA and beta)

Get a project’s SBOM document

Create an SBOM test run (beta)

Gets an SBOM test run status (beta)

Gets an SBOM test run result (beta)

SastSettings

Retrieves the SAST settings for an org

Enable/Disable the Snyk Code settings for an org

ServiceAccounts

More information: Manage service accounts using the Snyk API; Choose a service account type to use with Snyk APIs

Get a list of group service accounts

Create a service account for a group

Get a group service account

Delete a group service account

Update a group service account

Manage a group service account’s client secret

Get a list of organization service accounts

Create a service account for an organization

Get an organization service account

Delete a service account in an organization

Update an organization service account

Manage an organization service account’s client secret

Slack

Get a list of Slack channels

Get Slack Channel name by Slack Channel ID

SlackSettings

Get Slack integration default notification settings

Create new Slack notification default settings

Remove the given Slack App integration

Slack notification settings overrides for projects

Create a new Slack settings override for a given project

Remove Slack settings override for a project

Update Slack notification settings for a project

Targets

Get targets by org ID

More information: Target definition on the Projects page

Get target by target ID

Delete target by target ID

Test (v1)

Maven

Test for issues in a public package by group id, artifact id and version

Migrated Test for issues in a public package by group id, artfact id and version

Test maven file

Migrated Test maven file

npm

Test for issues in a public package by name and version

Migrated Test for issues in a public package by name and version

Test package.json & package-lock.json File

Migrated Test package.json & package-lock.json file

dep

Test Gopkg.toml & Gopkg.lock File

Migrated Test Gopkg.toml & Gopkg.lock file

vendor

Test vendor.json file

Migrated Test vendor.json file

yarn

Test package.json & yarn.lock file

Migrated Test package.json & yarn.lock file

rubygems

Test for issues in a public gem by name and version

Migrated Test for issues in a public gem by name and version

Test gemfile.lock file

Migrated Test gemfile.lock file

Gradle

Test for issues in a public package by group, name and version

Migrated Test for issues in a public package by group, name and version

Test gradle file

Migrated test gradle file

sbt

Test for issues in a public package by group id, artifact id and version

Migrated Test for issues in a public package by gorup id, artifact id and version

Test sbt file

Migrated Test sbt file

pip

Test for issues in a public package by name and version

Migrated Test for issues in a public package by name and version

Test requirements.txt file

Migrated Test requirements.txt file

composer

Test composer.json & composer.lock file

Migrated Test composer.json & composer.lock file

Dep Graph

More information: Dep Graph API

Test Dep Graph

Migrated Test Dep Graph

Users

Update a user’s role in a group (beta)

Note: Use this endpoint to remove users from a group.

More information: Remove members from Groups and Orgs using the API.

Get user by ID (beta)

My User Details

Users (v1)

User Details

Get user details

Migrated Get user details

My User Details

Get My Details

Migrated Get My Details

User organization notification settings

Get organization notification settings

Migrated Get organization notification settings

Modify organization notification settings

Migrated Modify organization notification settings

User project notification settings

Get project notification settings

Migrated Get project notification settings

Modify project notification settings

Migrated Modify project notification settings

Webhooks (v1)

Webhook Collection

Create a webhook

Migrated Create a webhook

List webhooks

Migrated List webhooks

Webhook

Retrieve a webhook

Migrated Retrieve a webhook

Delete a webhook

Migrated Delete a webhook

Ping

Ping a webhook

Migrated Ping a webhook

PreviousConfigure the AWS Lambda scriptNextSolutions for specific use cases

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.