Apps
Get a list of Snyk Apps that can act on your behalf
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of apps install that can act on your behalf
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/self/apps HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Revoke access for an app by app id
App ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Access to the Snyk App is revoked, with no content (no errors).
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/self/apps/{app_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Get a list of active OAuth sessions by app ID
App ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10Attributes identifying the active OAuth sessions.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/self/apps/{app_id}/sessions HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"created_at": "2025-08-15T10:29:17.053Z"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Revoke the Snyk App session of an active user
App ID
Session ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The user app sessions has been revoked.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/self/apps/{app_id}/sessions/{session_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Get a list of Snyk Apps installed for a user
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of apps installed for the specified organization.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/self/apps/installs HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"installed_at": "2024-04-30T16:07:46.230044Z"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
}
},
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Revoke a Snyk App by install ID
Install ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The Snyk App install is revoked, with no content (no errors).
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/self/apps/installs/{install_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Create a new app for an organization. Deprecated, use /orgs/{org_id}/apps/creations instead.
Required permissions
Create Apps (org.app.create)
Org ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The access token time to live for your app, in seconds. It only affects the newly generated access tokens, existing access token will continue to have their previous time to live as expiration.
3600Allow installing the app to a org/group or to a user, default tenant.
New name of the app to display to users during authorization flow.
My AppList of allowed redirect URIs to call back after authentication.
["https://example.com/callback"]The scopes this app is allowed to request during authorization.
Created Snyk App successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/orgs/{org_id}/apps HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 135
{
"access_token_ttl_seconds": 3600,
"context": "tenant",
"name": "My App",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
}{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"client_secret": "snyk_cs_ctZW0JsWG^Bm`*oPo=mnV26qU_6pjxht<]S_v1",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get a list of Snyk Apps created by an Organization Deprecated, use /orgs/{org_id}/apps/creations instead.
Required permissions
View Apps (org.app.read)
Org ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of apps created by the specified organization
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/apps HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Update app attributes. Deprecated, use /orgs/{org_id}/apps/creations/{app_id} instead.
Required permissions
Edit Apps (org.app.edit)
Org ID
Client ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The access token time to live for your app, in seconds. It only affects the newly generated access tokens, existing access token will continue to have their previous time to live as expiration.
3600New name of the app to display to users during authorization flow.
My AppList of allowed redirect URIs to call back after authentication.
["https://example.com/callback"]Attributes of the updated Snyk App.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
PATCH /rest/orgs/{org_id}/apps/{client_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 98
{
"access_token_ttl_seconds": 3600,
"name": "My App",
"redirect_uris": [
"https://example.com/callback"
]
}{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get an App by client id. Deprecated, use /orgs/{org_id}/apps/creations/{app_id} instead.
Required permissions
View Apps (org.app.read)
Org ID
Client ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Attributes of the requested Snyk App.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/apps/{client_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Delete an app by app id. Deprecated, use /orgs/{org_id}/apps/creations/{app_id} instead.
Required permissions
Delete Apps (org.app.delete)
Org ID
Client ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The app has been deleted
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/orgs/{org_id}/apps/{client_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Manage client secrets for an app. Deprecated, use /orgs/{org_id}/apps/creations/{app_id}/secrets instead.
Required permissions
Edit Apps (org.app.edit)
Org ID
Client ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Operation to perform:
replace- Replace existing secrets with a new generated secretcreate- Add a new secret, preserving existing secretsdelete- Remove an existing secret by value
Secret to delete when using delete mode
Secrets have been updated.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/orgs/{org_id}/apps/{client_id}/secrets HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 34
{
"mode": "replace",
"secret": "text"
}{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"client_secret": "snyk_cs_ctZW0JsWG^Bm`*oPo=mnV26qU_6pjxht<]S_v1",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Install a Snyk App to this organization, the Snyk App must use unattended authentication e.g. client credentials
Required permissions
Install Apps (org.app.install)
Org ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The newly created app install.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/orgs/{org_id}/apps/installs HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 123
{
"data": {
"type": "app_install"
},
"relationships": {
"app": {
"data": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "app"
}
}
}
}{
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"client_secret": "text"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
}
}
},
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Get a list of Snyk Apps installed for an Organization
Required permissions
View Apps (org.app.read)
Organization ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of apps installed for the specified organization.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/apps/installs HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"installed_at": "2024-04-30T16:07:46.230044Z"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
}
},
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Revoke app authorization for a Snyk organization with install ID
Required permissions
Install Apps (org.app.install)
Org ID
Install ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The Snyk App install is revoked, with no content (no errors).
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/orgs/{org_id}/apps/installs/{install_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Manage client secret for non-interactive Snyk App installations
Required permissions
Edit Apps (org.app.edit)
Org ID
Install ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Secret has been updated.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/orgs/{org_id}/apps/installs/{install_id}/secrets HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 71
{
"data": {
"attributes": {
"mode": "replace",
"secret": "text"
},
"type": "app"
}
}{
"data": {
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"client_secret": "snyk_cs_ctZW0JsWG^Bm`*oPo=mnV26qU_6pjxht<]S_v1",
"installed_at": "2024-04-30T16:07:46.230044Z"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
}
},
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Create a new Snyk App for an organization
Required permissions
Create Apps (org.app.create)
Org ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Created Snyk App successfully.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/orgs/{org_id}/apps/creations HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 172
{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"context": "tenant",
"name": "My App",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"type": "app"
}
}{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"client_secret": "snyk_cs_ctZW0JsWG^Bm`*oPo=mnV26qU_6pjxht<]S_v1",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get a list of Snyk Apps created by an Organization
Required permissions
View Apps (org.app.read)
Org ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of apps created by the specified organization
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/apps/creations HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Update app creation attributes such as name, redirect URIs, and access token time to live using the App ID
Update app creation attributes with App ID
Required permissions
Edit Apps (org.app.edit)
Org ID
App ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Attributes of the updated Snyk App.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
PATCH /rest/orgs/{org_id}/apps/creations/{app_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 135
{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"name": "My App",
"redirect_uris": [
"https://example.com/callback"
]
},
"type": "app"
}
}{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get a Snyk App by app ID
Required permissions
View Apps (org.app.read)
Org ID
App ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Attributes of the requested Snyk App.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/apps/creations/{app_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Delete a Snyk App by app ID
Required permissions
Delete Apps (org.app.delete)
Org ID
App ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The app has been deleted
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/orgs/{org_id}/apps/creations/{app_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Manage client secret for a Snyk App
Required permissions
Edit Apps (org.app.edit)
Org ID
App ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Secret has been updated.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/orgs/{org_id}/apps/creations/{app_id}/secrets HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 71
{
"data": {
"attributes": {
"mode": "replace",
"secret": "text"
},
"type": "app"
}
}{
"data": {
"attributes": {
"access_token_ttl_seconds": 3600,
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"client_secret": "snyk_cs_ctZW0JsWG^Bm`*oPo=mnV26qU_6pjxht<]S_v1",
"context": "tenant",
"grant_type": "authorization_code",
"is_confidential": true,
"is_public": false,
"name": "My App",
"org_public_id": "123e4567-e89b-12d3-a456-426614174000",
"redirect_uris": [
"https://example.com/callback"
],
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get a list of app bots authorized to an organization. Deprecated, use /orgs/{org_id}/apps/installs instead.
Required permissions
View Apps (org.app.read)
Organization ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of app bots authorized to the specified organization
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/orgs/{org_id}/app_bots HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
}
},
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Revoke app bot authorization. Deprecated, use /orgs/{org_id}/apps/installs/{install_id} instead.
Required permissions
Install Apps (org.app.install)
The ID of the app bot
Organization ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The app bot has been deauthorized
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/orgs/{org_id}/app_bots/{bot_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Install a Snyk App to this group, the Snyk App must use unattended authentication e.g. client credentials
Required permissions
Install Apps (group.app.install)
Group ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The newly created app install.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/groups/{group_id}/apps/installs HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 123
{
"data": {
"type": "app_install"
},
"relationships": {
"app": {
"data": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "app"
}
}
}
}{
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"client_secret": "text"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "text"
}
}
},
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Get a list of Snyk Apps installed for a Group
Required permissions
View Apps (group.app.read)
Group ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=Number of results to return per page
10Example: 10A list of apps installed for the specified group.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
GET /rest/groups/{group_id}/apps/installs HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"installed_at": "2024-04-30T16:07:46.230044Z"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
}
},
"type": "text"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Revoke app authorization for a Snyk group with install ID
Required permissions
Install Apps (group.app.install)
Group ID
Install ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$The Snyk App install is revoked, with no content (no errors).
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
DELETE /rest/groups/{group_id}/apps/installs/{install_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Manage client secret for non-interactive Snyk App installations
Required permissions
Edit Apps (group.app.edit)
Group ID
Install ID
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Secret has been updated.
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Conflict: The requested operation conflicts with the current state of the resource in some way.
Internal Server Error: An error was encountered while attempting to process the request.
POST /rest/groups/{group_id}/apps/installs/{install_id}/secrets HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 71
{
"data": {
"attributes": {
"mode": "replace",
"secret": "text"
},
"type": "app"
}
}{
"data": {
"attributes": {
"client_id": "941b423a-e0a0-4a33-a7ca-dd9e9e6bd8cf",
"client_secret": "snyk_cs_ctZW0JsWG^Bm`*oPo=mnV26qU_6pjxht<]S_v1",
"installed_at": "2024-04-30T16:07:46.230044Z"
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"relationships": {
"app": {
"data": {
"attributes": {
"client_id": "123e4567-e89b-12d3-a456-426614174000",
"context": "tenant",
"name": "My App",
"scopes": [
"text"
]
},
"id": "123e4567-e89b-12d3-a456-426614174000",
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
},
"type": "text"
}
}
},
"type": "text"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Last updated
Was this helpful?