API endpoints index and notes
This list includes the categories and names of REST GA and beta and V1 API endpoints, with the URL in the reference docs for each endpoint, and links to related information where available. REST is the default, and GA is the status unless beta is noted. V1 API is specified where applicable. This listing is a work in progress; additional information is being added continually. For additional information, see Solutions for specific use cases and Scenarios for using Snyk API.
AccessRequests (beta)
Apps
More information: Snyk Apps
Replaced by: Get a list of apps installed for an organization
DEPRECATED Revoke app bot authorization
Replaced by: Revoke app authorization for a Snyk Group with install ID
See also: Revoke access for an app by install ID
Replaced by: Get a list of apps created by an organization
More information: Manage App details
DEPRECATED Create a new app for an organization
Replaced by: Create a new Snyk App for an organization
More information: Create a Snyk App using the Snyk API
Replaces: DEPRECATED Get a list of apps created by an organization
Replaces: DEPRECATED Create a new app for an organization
Replaces: DEPRECATED Get an app by client id
Replaces: DEPRECATED Delete an app
More information: Manage App details
Replaces: DEPRECATED Update App attributes that are name, redirect URIs, and access token time to live
More information: Manage App details
More information: Manage App details
Replaces: DEPRECATED Get a list of app bots authorized to an organization
See also: Revoke app authorization for a Snyk Group with install ID
Replaces: DEPRECATED Manage client secrets for an app
DEPRECATED Get an app by client id
Replaced by: Get a Snyk App by its App ID
DEPRECATED Delete an app
Replaced by: Delete an app by its App ID
Replaced by: Update app creation attributes such as name, redirect URIs, and access token time to live using the App ID
DEPRECATED Manage client secrets for an app
Replaced by: Revoke an app
Replaces: DEPRECATED Revoke app bot authorization
Audit Logs
More information: Filter through your audit logs more efficiently with the new GA REST version of the audit logs API, and api.access is now opt-in; Retrieve audit logs of user-initiated activity by API for an Org or Group
More information: Retrieve audit logs of user-initiated activity by API for an Org or Group
Audit logs (v1)
Group level audit logs
To find who created an Org-level or Group-level service account, use API v1 Get group level audit logs or Get organization level audit logs to find the event that shows service account creation, deletion, or edit.
Migrated Get group level audit logs
Organization level audit logs
To find who created an Org-level or Group-level service account, use API v1 Get group level audit logs or and Get organization level audit logs to find the event that shows service account creation, deletion, or edit.
Migrated Get organization level audit logs
Cloud (beta)
Collection
ContainerImage
Custom Base Images
More information: Use Custom Base Image Recommendations
More information: Use Custom Base Image Recommendations: Mark the created Project as a custom base image
Dependencies (v1)
Dependencies by organization
List all dependencies
Migrated List all dependencies
Entitlements (v1)
Entitlements by organization
List all entitlements
Migrated list all entitlements
A specific entitlement by organization
Get an organization's entitlement value
Migrated Get an organization's entitlement value
Groups (beta)
More information: Org and group identification for Projects
More information: Remove members from Groups and Orgs using the API and Retrieve audit logs of user-initiated activity by API for an Org or Group.
Groups (v1)
Group settings
View group settings
Update group settings
Migrated Update group settings
List members in a group
List all members in a group
Migrated List all members in a group
More information: Remove members from Groups and Orgs using the API.
Members in an organization of a group
Add a member to an organization within a group
Migrated Add a member to an organization within a group
List all tags in a group
List all tags in a group
Migrated List all tags in a group
Delete Tag From Group
Delete tag from group
Migrated Delete tag from group
List all organizations in a group
List all organizations in a group
Migrated List all organizations in a group
More information: Org and group identification for Projects
List all roles in a group
List all roles in a group
Migrated List all roles in a group
More information: Update member roles using the V1 API.
IacSettings
More information: Use a remote IaC custom rules bundle, IaC custom rules within a pipeline, Use a remote IaC custom rules bundle
More information: Use a remote IaC custom rules bundle, Use a remote IaC custom rules bundle
Import Projects (v1)
Import
Import targets
The Snyk API v1 endpoint Import targets can be used to import Snyk Projects. Using this endpoint, you can automate importing multiple repositories; see Manage code vulnerabilities.
If this fails, use Get import job details to help determine why. There are two types of failures:
The repository was rejected for processing, that is, HTTP status code 201 was not returned. This happens if there is an issue Snyk can see quickly for example:
The repository does not exist.
The repository is unreachable by Snyk because the token is invalid or does not have sufficient permissions; there is no default branch.
The repository was accepted for processing, that is, the user got back HTTP status code 201 and a url to poll, but no projects were detected or some failed. This may occur because:
There are no Snyk-supported manifests in this repository.
The repository is archived and the Snyk API calls to fetch files fail.
The individual project or manifest had issues during processing. In this case Snyk returns success: false with a message in the log.
The poll results return a message per manifest processed, either success: true
or success: false.
Import job
Get import job details
Migrated Get import job details
Integrations (v1)
Integrations
List
Add new integration
Integration
Update existing integration
Migrated Update existing integration
Integration authentication
Delete credentials
Integration broker token provisioning
Provision new broker token
Migrated Provision new broker token
Integration broker token switching
Switch between broker tokens
Migrated Switch between broker tokens
Integration cloning
Clone an integration (with settings and credentials)
Migrated Clone an integration (with settings and credentials)
Integration by type
Get existing integration by type
Migrated Get existing integration by type
Integration settings
Retrieve
Migrated Retrieve integration settings
Update
Migrated Update integration settings
Invites
See also: Migrated invite users
Issues
Note: Remedies are not included in the response at this time.
List issues for a given set of packages (Currently not available to all customers)
Licenses (v1)
Licenses by organization
List all licenses
Monitor (v1)
Dep Graph
More information: Dep Graph API
OpenAPI
Organizations (v1)
The Snyk organization for a request
List all the organizations a user belongs to
Migrated List all the organizations a user belongs to
More information: Org and group identification for Projects
Create organization
Create a new organization
Migrated Create a new organization
Notification settings
Get organization notification settings
Migrated Get organization notification settings
Set notification settings
Migrated Set notification settings
User invitation to organization
Invite users
Members in organization
List members
More information: Update member roles using the V1 API and Remove members from Groups and Orgs using the API.
Organization settings
View organization settings
Migrated View organization settings
Update organization settings
Migrated Update organization settings
Manage roles in organization
Update a member in the organization
Migrated Update a member in the organization
Remove a member from the organization
Migrated Remove a member from the organization
More information: Remove members from Groups and Orgs using the API.
Update member roles in your organization
Update a member's role in the organization
Migrated Update a member's role in the organization
More information: Update member roles using the V1 API.
Manage organization
Remove organization
Provision user
More information: Provision users to Organizations using the V1 API.
Provision a user to the organization
Migrated Provision a user to the organization
List pending user provisions
Migrated List pending user provisions
Delete pending user provision
Migrated Delete pending user provision
Orgs (GA and beta)
Get an ORG (beta)
More information: Org and group identification for Projects
Projects
The query-string parameter types is optional. The endpoint does not enforce specific project types and will return no matching projects if you enter a string that does not match a project type.
Projects (v1)
More information: Project type responses from API
Individual project
Retrieve a single project
Migrated Retrieve a single project
Update a project
Delete a project
Deactivate an individual project
Deactivate
Migrated Deactivate an individual project
Activate an individual project
Activate
Migrated Activate an individual project
Aggregated Project issues
List all Aggregated issues
Migrated List all aggregated issues
The Snyk V1 API endpoint List all aggregated issues returns an array of ignoreReasons
for each vulnerability. This happens because ignores implemented using the CLI and API are path-based and thus potentially could have different ignoreReasons
for different paths. Because List all aggregated issues returns only one issue for all paths, the entire set of reasons is returned. Snyk groups issues together by their identifier, so one response for the List all aggregated issues endpoint could correspond to the same issue across multiple paths. Thus the ignoredReason
is across all issues that are aggregated and applies to that single grouped issue.
Project Issue Paths
More information: V1 API Project issue paths endpoints
List all project issue paths
Migrated List all project issue paths
Project History
List all project snapshots
Migrated List all project snapshots
Aggregated Project Snapshot Issues
List all project snapshot aggregated issues
Migrated List all project snapshot aggregated issues
Project Snapshot Issue Paths
List all project snapshot issue paths
Migrated List all project snapshot issue paths
Project dependency graph
Get Project dependency graph
Migrated Get Project dependency graph
Project ignores
List all ignores
Ignored issues
Retrieve ignore
Add ignore
Replace ignores
Delete ignores
Project jira issues
List all jira issues
Create jira issue
Project settings
List project settings
Migrated List project settings
Update project settings
Migrated Update project settings
Delete project settings
Migrated Delete project settings
Move project
Move project to a different organization
Migrated Move project to a different organization
Project tags
Add a tag to a project
Migrated Add a tag to a project
Remove project tag
Remove a tag from a project
Migrated Remove a tag from a project
Project Attributes
Applying attributes
By using the Snyk API v1 endpoint Applying attributes you can set attributes for Snyk Projects including business criticality, lifecycle stage, and environment once the project has been created . To do so:
Import the project using the Snyk API v1 endpoint Import targets.
Get the status API ID from Import targets.
Poll using Import job details until all imports have completed.
Parse the project IDs from the projectURL field.
Use the Applying attributes endpoint to set the project attributes.
Pull request templates
More information: Create and manage a custom PR template using the API.
Reporting API (v1)
Latest issues
Get list of latest issues
To list all projects that have a vulnerability linked to a CVE use the capability to filter on strings with the Get list of latest issues and Get List of issues reporting endpoints. Filter by the identifier attribute.
To get a list of issues that have been fixed: Use Get list of latest issues and filter by “isFixed”: true
in the request body. This endpoint also provides a list of all IaC issues.
Migrated Get list of latest issues
Issues
Get list of issues
To list all projects that have a vulnerability linked to a CVE use the capability to filter on strings with the Get list of latest issues and Get List of issues (reporting) endpoints. Filter by the identifier attribute.
Latest issue counts
Get latest issue counts
Issue counts over time
Get issue counts
Latest project counts
Get latest project counts
Migrated Get latest project counts
Project counts over time
Get project counts
Test counts
Get test counts
SBOM (GA and beta)
Create an SBOM test run (beta)
Gets an SBOM test run status (beta)
Gets an SBOM test run result (beta)
SastSettings
ServiceAccounts
More information: Manage service accounts using the Snyk API; Choose a service account type to use with Snyk APIs
Slack
SlackSettings
Targets
More information: Target definition on the Projects page
Test (v1)
Maven
Test for issues in a public package by group id, artifact id and version
Migrated Test for issues in a public package by group id, artfact id and version
Test maven file
npm
Test for issues in a public package by name and version
Migrated Test for issues in a public package by name and version
Test package.json & package-lock.json File
Migrated Test package.json & package-lock.json file
dep
Test Gopkg.toml & Gopkg.lock File
Migrated Test Gopkg.toml & Gopkg.lock file
vendor
Test vendor.json file
Migrated Test vendor.json file
yarn
Test package.json & yarn.lock file
Migrated Test package.json & yarn.lock file
rubygems
Test for issues in a public gem by name and version
Migrated Test for issues in a public gem by name and version
Test gemfile.lock file
Migrated Test gemfile.lock file
Gradle
Test for issues in a public package by group, name and version
Migrated Test for issues in a public package by group, name and version
Test gradle file
sbt
Test for issues in a public package by group id, artifact id and version
Migrated Test for issues in a public package by gorup id, artifact id and version
Test sbt file
pip
Test for issues in a public package by name and version
Migrated Test for issues in a public package by name and version
Test requirements.txt file
Migrated Test requirements.txt file
composer
Test composer.json & composer.lock file
Migrated Test composer.json & composer.lock file
Dep Graph
More information: Dep Graph API
Test Dep Graph
Users
Note: Use this endpoint to remove users from a group.
More information: Remove members from Groups and Orgs using the API.
Get user by ID (beta)
Users (v1)
User Details
Get user details
My User Details
Get My Details
User organization notification settings
Get organization notification settings
Migrated Get organization notification settings
Modify organization notification settings
Migrated Modify organization notification settings
User project notification settings
Get project notification settings
Migrated Get project notification settings
Modify project notification settings
Migrated Modify project notification settings
Webhooks (v1)
Webhook Collection
Create a webhook
List webhooks
Webhook
Retrieve a webhook
Delete a webhook
Ping
Ping a webhook
Last updated