Inventory Assets
Partially updates multiple assets in a single request.
Maximum of 100 assets can be updated per request.
The operation is transactional - all updates succeed or all fail.
Supports updating class, labels (add/remove), and tags (add/remove).
Required permissions
Edit Tenant Details (tenant.edit)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Assets updated successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
No content
Retrieves a polymorphic list of all asset types for a given tenant. The response includes different asset types (containers, container images, etc.) in a single unified response following the JSON:API specification.
This endpoint supports both simple listing and synchronous search with filtering, sorting, and cursor-based pagination through query parameters.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$RSQL filter expression for filtering results.
Supported operators:
==(equal),!=(not equal)<or=lt=(less than),>or=gt=(greater than)<=or=le=(less than or equal),>=or=ge=(greater than or equal)=in=(val1,val2)(IN list),=out=(val1,val2)(NOT IN list);orand(logical AND),,oror(logical OR) - word operators are case-insensitive
Wildcard pattern matching:
Use * (asterisk) for flexible string matching with == and != operators:
*value*- Contains (e.g.,registry==*docker*matches "docker.io")value*- Starts with (e.g.,registry==docker*matches "docker.io")*value- Ends with (e.g.,name==*nginxmatches "library/nginx")!=*value*- Does not contain (e.g.,class!=*test*)
Note: Special SQL characters (%, _) are automatically escaped for security.
Quoted values:
Values can optionally be wrapped in single quotes ('...') or double quotes ("...").
Quotes are stripped before comparison, so registry=='docker.io' is equivalent to registry==docker.io.
Escaped quotes inside quoted values are supported (e.g., name=="O\"Reilly").
Quoting is required when filtering for empty values (see below).
Filtering for empty values:
Use empty quotes ('' or "") with == or != to filter by empty fields:
registry==''- Matches assets where registry is emptyregistry!=''- Matches assets where registry has a value
Multi-field substring search:
Use the special q field to search across multiple fields simultaneously using case-insensitive substring matching:
q==<search_term>- Searches across all searchable string fields (labels, tags, registry, repository, name, config_digest, manifest_digest, index_digest, image_tag)- Only supports the
==operator (no wildcards needed - automatically searches for substring matches) - Uses case-insensitive pattern matching (PostgreSQL ILIKE)
- Does not support linguistic features like stemming or ranking
- Special characters are automatically escaped for security
- Can be combined with other filters:
q==nginx;type==container_images
Supported fields:
Common fields (apply to all asset types):
q(string) - Multi-field substring search (see above)id(UUID) - Asset IDtype(string) - Type of asset. Allowed values:container_imagesclass(string) - Class of asset (e.g., A, B)created_at(timestamp) - Asset creation timestamp (ISO 8601 format)updated_at(timestamp) - Asset last update timestamp (ISO 8601 format)labels(string array) - Asset labelstags(object) - Asset tags. Requires a sub-field (e.g.,tags.env==production)
Container image fields (apply when type is container_images):
registry(string) - Container image registry (e.g., docker.io)repository(string) - Container image repository pathname(string) - Container image nameconfig_digest(string) - Image config digestmanifest_digest(string) - Distribution manifest digestindex_digest(string) - Distribution index digestimage_tag(string) - Image tag from discovery sourceimage_labels(object) - OCI image config labels. Requires a sub-field (e.g.,image_labels.vendor==nginx)
Examples:
q==nginx- Multi-field substring search for "nginx"q==docker.io;type==container_images- Search "docker.io" substring in container images onlytype==container_images- Exact match on asset typeregistry==*docker*- Registry contains "docker" (wildcard)created_at>2024-01-01orcreated_at=gt=2024-01-01- Date comparisonclass==A;created_at=ge=2024-01-01- AND combinationlabels=in=(production,staging)- Labels IN listtags.env==production- Tag sub-field filterimage_labels.vendor==nginx- Image label sub-field filterregistry=='docker.io'- Quoted value (equivalent toregistry==docker.io)registry==''- Assets where registry is emptyregistry!=''- Assets where registry has a value
type==container_images;created_at>2024-01-01Comma-separated sort fields. Prefix with - for descending order.
Supported fields:
created_at- Asset creation timestampupdated_at- Asset last update timestamptype- Asset type (container_images)class- Asset classrisk_score- Asset risk score (max across project sources)issues- Issue counts by severity (critical, high, medium, low)built_at- Image build timestamp (container images only)last_scan- Last scan timestamp
-created_atNumber of results to return per page
10Cursor for fetching the next page of results
v1.MTIzNDU2Nzg5MHxhYmNkZWY=Cursor for fetching the previous page of results
v1.MTIzNDU2Nzg5MHxhYmNkZWY=Provide summary count in the response meta object when requested.
When with is provided, the count will be included in the response meta object.
When only is provided, the count will be included in the response meta object and no data will be returned.
withPossible values: Successful response with a polymorphic list of assets
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Partially updates an asset's attributes. Supports updating class, labels (add/remove), and tags (add/remove). At least one attribute must be provided in the request.
Required permissions
Edit Tenant Details (tenant.edit)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Asset updated successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a single asset by its unique identifier. The response includes the asset's details in JSON:API format. The asset type is determined from the database and the appropriate details are returned polymorphically.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Asset retrieved successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a paginated list of Snyk targets linked to this asset with full attributes.
Returns the id, type, and attributes of each related target.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Maximum number of results to return per page
10Successfully retrieved linked targets
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a paginated list of Snyk projects linked to this asset with full attributes.
Returns the id, type, and attributes of each related project.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Maximum number of results to return per page
10Filter projects by canonical status.
with: Returns all projects (canonical attribute is populated).only: Returns only canonical projects (those used for vulnerability counts).none: Returns only non-canonical projects. When omitted, returns all projects without canonical filtering.
Filter projects by target ID. When provided, returns only projects that belong to the specified target. When omitted, returns projects from all targets.
Successfully retrieved linked projects
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Initiates an asynchronous search for assets and returns a redirect to the search results endpoint
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Found - Redirects to search results endpoint
Bad Request: A parameter provided as a part of the request was invalid.
Internal Server Error: An error was encountered while attempting to process the request.
Gets paginated results for a previously initiated asset search
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The unique identifier of the search operation
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated sort fields. Prefix with - for descending order.
Supported fields:
created_at- Asset creation timestampupdated_at- Asset last update timestamptype- Asset type (container_images)class- Asset classrisk_score- Asset risk score (max across project sources)issues- Issue counts by severity (critical, high, medium, low)built_at- Image build timestamp (container images only)last_scan- Last scan timestamp
-created_atNumber of results to return
10Cursor for next page
Cursor for previous page
Search results retrieved successfully
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of valid group field names that can be used for grouping assets. Each field includes its name, data type, and which asset types it applies to.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the available group fields
container_imagesNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
List of available group fields
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Returns aggregated values for a specific group field id, showing the count of assets for each distinct value.
Use the UUID from the group fields list endpoint to identify which field to query.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The UUID of the group field to get values for (from the group fields list endpoint)
3fa85f64-5717-4562-b3fc-2c963f66afa6The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the aggregation
container_imagesRSQL filter expression for filtering results.
Supported operators:
==(equal),!=(not equal)<or=lt=(less than),>or=gt=(greater than)<=or=le=(less than or equal),>=or=ge=(greater than or equal)=in=(val1,val2)(IN list),=out=(val1,val2)(NOT IN list);orand(logical AND),,oror(logical OR) - word operators are case-insensitive
Wildcard pattern matching:
Use * (asterisk) for flexible string matching with == and != operators:
*value*- Contains (e.g.,registry==*docker*matches "docker.io")value*- Starts with (e.g.,registry==docker*matches "docker.io")*value- Ends with (e.g.,name==*nginxmatches "library/nginx")!=*value*- Does not contain (e.g.,class!=*test*)
Note: Special SQL characters (%, _) are automatically escaped for security.
Quoted values:
Values can optionally be wrapped in single quotes ('...') or double quotes ("...").
Quotes are stripped before comparison, so registry=='docker.io' is equivalent to registry==docker.io.
Escaped quotes inside quoted values are supported (e.g., name=="O\"Reilly").
Quoting is required when filtering for empty values (see below).
Filtering for empty values:
Use empty quotes ('' or "") with == or != to filter by empty fields:
registry==''- Matches assets where registry is emptyregistry!=''- Matches assets where registry has a value
Multi-field substring search:
Use the special q field to search across multiple fields simultaneously using case-insensitive substring matching:
q==<search_term>- Searches across all searchable string fields (labels, tags, registry, repository, name, config_digest, manifest_digest, index_digest, image_tag)- Only supports the
==operator (no wildcards needed - automatically searches for substring matches) - Uses case-insensitive pattern matching (PostgreSQL ILIKE)
- Does not support linguistic features like stemming or ranking
- Special characters are automatically escaped for security
- Can be combined with other filters:
q==nginx;type==container_images
Supported fields:
Common fields (apply to all asset types):
q(string) - Multi-field substring search (see above)id(UUID) - Asset IDtype(string) - Type of asset. Allowed values:container_imagesclass(string) - Class of asset (e.g., A, B)created_at(timestamp) - Asset creation timestamp (ISO 8601 format)updated_at(timestamp) - Asset last update timestamp (ISO 8601 format)labels(string array) - Asset labelstags(object) - Asset tags. Requires a sub-field (e.g.,tags.env==production)
Container image fields (apply when type is container_images):
registry(string) - Container image registry (e.g., docker.io)repository(string) - Container image repository pathname(string) - Container image nameconfig_digest(string) - Image config digestmanifest_digest(string) - Distribution manifest digestindex_digest(string) - Distribution index digestimage_tag(string) - Image tag from discovery sourceimage_labels(object) - OCI image config labels. Requires a sub-field (e.g.,image_labels.vendor==nginx)
Examples:
q==nginx- Multi-field substring search for "nginx"q==docker.io;type==container_images- Search "docker.io" substring in container images onlytype==container_images- Exact match on asset typeregistry==*docker*- Registry contains "docker" (wildcard)created_at>2024-01-01orcreated_at=gt=2024-01-01- Date comparisonclass==A;created_at=ge=2024-01-01- AND combinationlabels=in=(production,staging)- Labels IN listtags.env==production- Tag sub-field filterimage_labels.vendor==nginx- Image label sub-field filterregistry=='docker.io'- Quoted value (equivalent toregistry==docker.io)registry==''- Assets where registry is emptyregistry!=''- Assets where registry has a value
type==container_images;created_at>2024-01-01Comma-separated sort fields for group values. Prefix with - for descending order.
Multiple sort fields are supported (e.g., -issues,count).
Defaults to count (ascending) when not specified.
Results are always tie-broken by value for deterministic ordering.
Available sort fields:
value- Sort by the group value string (alphabetical)count- Sort by the number of assets in each grouplast_seen_at- Sort by the aggregated last_seen_at timestampupdated_at- Sort by the aggregated updated_at timestamprisk_score- Sort by the aggregated risk scoreissues- Sort by issue severity (critical → high → medium → low)
-countNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
List of group values with aggregated metadata
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of valid field names that can be used for filtering assets using RSQL. Each field includes its name, data type, and which asset types it applies to.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the available filter fields
container_imagesNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
List of available filter fields
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of distinct values for a specific filter field. Useful for building autocomplete functionality in filter UIs.
Use the UUID from the filter fields list endpoint to identify which field to query.
For object filter values, both the keys and values are returned.
Required permissions
View Tenant Details (tenant.read)
API key value must be prefixed with "Token ".
The unique identifier of the tenant
The UUID of the filter field to get values for (from the filter fields list endpoint)
3fa85f64-5717-4562-b3fc-2c963f66afa6The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Full text search term to filter the list of values. If keys_only is true, this will filter the keys of the object filter values. If key is provided, this will filter the value for the specific key of the object filter values.
prodNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Return only the keys of the object filter values
Return only the value for a specific key of the object filter values
List of filter values
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Partially updates multiple assets within an org context. Maximum of 100 assets can be updated per request. The operation is transactional - all updates succeed or all fail.
Required permissions
Edit Organization (org.edit)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Assets updated successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
No content
Retrieves a polymorphic list of all asset types for a given organization. The group and tenant are resolved from the org_id.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$RSQL filter expression for filtering results.
Supported operators:
==(equal),!=(not equal)<or=lt=(less than),>or=gt=(greater than)<=or=le=(less than or equal),>=or=ge=(greater than or equal)=in=(val1,val2)(IN list),=out=(val1,val2)(NOT IN list);orand(logical AND),,oror(logical OR) - word operators are case-insensitive
Wildcard pattern matching:
Use * (asterisk) for flexible string matching with == and != operators:
*value*- Contains (e.g.,registry==*docker*matches "docker.io")value*- Starts with (e.g.,registry==docker*matches "docker.io")*value- Ends with (e.g.,name==*nginxmatches "library/nginx")!=*value*- Does not contain (e.g.,class!=*test*)
Note: Special SQL characters (%, _) are automatically escaped for security.
Quoted values:
Values can optionally be wrapped in single quotes ('...') or double quotes ("...").
Quotes are stripped before comparison, so registry=='docker.io' is equivalent to registry==docker.io.
Escaped quotes inside quoted values are supported (e.g., name=="O\"Reilly").
Quoting is required when filtering for empty values (see below).
Filtering for empty values:
Use empty quotes ('' or "") with == or != to filter by empty fields:
registry==''- Matches assets where registry is emptyregistry!=''- Matches assets where registry has a value
Multi-field substring search:
Use the special q field to search across multiple fields simultaneously using case-insensitive substring matching:
q==<search_term>- Searches across all searchable string fields (labels, tags, registry, repository, name, config_digest, manifest_digest, index_digest, image_tag)- Only supports the
==operator (no wildcards needed - automatically searches for substring matches) - Uses case-insensitive pattern matching (PostgreSQL ILIKE)
- Does not support linguistic features like stemming or ranking
- Special characters are automatically escaped for security
- Can be combined with other filters:
q==nginx;type==container_images
Supported fields:
Common fields (apply to all asset types):
q(string) - Multi-field substring search (see above)id(UUID) - Asset IDtype(string) - Type of asset. Allowed values:container_imagesclass(string) - Class of asset (e.g., A, B)created_at(timestamp) - Asset creation timestamp (ISO 8601 format)updated_at(timestamp) - Asset last update timestamp (ISO 8601 format)labels(string array) - Asset labelstags(object) - Asset tags. Requires a sub-field (e.g.,tags.env==production)
Container image fields (apply when type is container_images):
registry(string) - Container image registry (e.g., docker.io)repository(string) - Container image repository pathname(string) - Container image nameconfig_digest(string) - Image config digestmanifest_digest(string) - Distribution manifest digestindex_digest(string) - Distribution index digestimage_tag(string) - Image tag from discovery sourceimage_labels(object) - OCI image config labels. Requires a sub-field (e.g.,image_labels.vendor==nginx)
Examples:
q==nginx- Multi-field substring search for "nginx"q==docker.io;type==container_images- Search "docker.io" substring in container images onlytype==container_images- Exact match on asset typeregistry==*docker*- Registry contains "docker" (wildcard)created_at>2024-01-01orcreated_at=gt=2024-01-01- Date comparisonclass==A;created_at=ge=2024-01-01- AND combinationlabels=in=(production,staging)- Labels IN listtags.env==production- Tag sub-field filterimage_labels.vendor==nginx- Image label sub-field filterregistry=='docker.io'- Quoted value (equivalent toregistry==docker.io)registry==''- Assets where registry is emptyregistry!=''- Assets where registry has a value
type==container_images;created_at>2024-01-01Comma-separated sort fields. Prefix with - for descending order.
-created_atNumber of results to return per page
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Provide summary count in the response meta object when requested.
When with is provided, the count will be included in the response meta object.
When only is provided, the count will be included in the response meta object and no data will be returned.
withPossible values: Successful response with a polymorphic list of assets
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Partially updates an asset's attributes within an org context. Supports updating class, labels (add/remove), and tags (add/remove).
Required permissions
Edit Organization (org.edit)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Asset updated successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a single asset by its unique identifier within an org context.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Asset retrieved successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a paginated list of Snyk targets linked to this asset with full attributes.
Returns the id, type, and attributes of each related target.
Scoped to the specified organization.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Maximum number of results to return per page
10Successfully retrieved linked targets
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a paginated list of Snyk projects linked to this asset with full attributes.
Returns the id, type, and attributes of each related project.
Scoped to the specified organization.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Maximum number of results to return per page
10Filter projects by canonical status.
with: Returns all projects (canonical attribute is populated).only: Returns only canonical projects (those used for vulnerability counts).none: Returns only non-canonical projects. When omitted, returns all projects without canonical filtering.
Filter projects by target ID. When provided, returns only projects that belong to the specified target. When omitted, returns projects from all targets.
Successfully retrieved linked projects
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Initiates an asynchronous search for assets within an org context.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Found - Redirects to search results endpoint
Bad Request: A parameter provided as a part of the request was invalid.
Internal Server Error: An error was encountered while attempting to process the request.
Gets paginated results for a previously initiated asset search within an org context.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The unique identifier of the search operation
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Sort order for results (e.g., -created_at for descending)
Maximum number of results to return
10Cursor for forward pagination
Cursor for backward pagination
Search results retrieved successfully
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of valid group field names that can be used for grouping assets within an org context.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter group fields
Maximum number of results to return
10Cursor for forward pagination
Cursor for backward pagination
List of available group fields
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Returns aggregated values for a specific group field id, showing the count of assets for each distinct value.
Use the UUID from the group fields list endpoint to identify which field to query.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The UUID of the group field to get values for (from the group fields list endpoint)
3fa85f64-5717-4562-b3fc-2c963f66afa6The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the aggregation
container_imagesRSQL filter expression for filtering results.
Supported operators:
==(equal),!=(not equal)<or=lt=(less than),>or=gt=(greater than)<=or=le=(less than or equal),>=or=ge=(greater than or equal)=in=(val1,val2)(IN list),=out=(val1,val2)(NOT IN list);orand(logical AND),,oror(logical OR) - word operators are case-insensitive
Wildcard pattern matching:
Use * (asterisk) for flexible string matching with == and != operators:
*value*- Contains (e.g.,registry==*docker*matches "docker.io")value*- Starts with (e.g.,registry==docker*matches "docker.io")*value- Ends with (e.g.,name==*nginxmatches "library/nginx")!=*value*- Does not contain (e.g.,class!=*test*)
Note: Special SQL characters (%, _) are automatically escaped for security.
Quoted values:
Values can optionally be wrapped in single quotes ('...') or double quotes ("...").
Quotes are stripped before comparison, so registry=='docker.io' is equivalent to registry==docker.io.
Escaped quotes inside quoted values are supported (e.g., name=="O\"Reilly").
Quoting is required when filtering for empty values (see below).
Filtering for empty values:
Use empty quotes ('' or "") with == or != to filter by empty fields:
registry==''- Matches assets where registry is emptyregistry!=''- Matches assets where registry has a value
Multi-field substring search:
Use the special q field to search across multiple fields simultaneously using case-insensitive substring matching:
q==<search_term>- Searches across all searchable string fields (labels, tags, registry, repository, name, config_digest, manifest_digest, index_digest, image_tag)- Only supports the
==operator (no wildcards needed - automatically searches for substring matches) - Uses case-insensitive pattern matching (PostgreSQL ILIKE)
- Does not support linguistic features like stemming or ranking
- Special characters are automatically escaped for security
- Can be combined with other filters:
q==nginx;type==container_images
Supported fields:
Common fields (apply to all asset types):
q(string) - Multi-field substring search (see above)id(UUID) - Asset IDtype(string) - Type of asset. Allowed values:container_imagesclass(string) - Class of asset (e.g., A, B)created_at(timestamp) - Asset creation timestamp (ISO 8601 format)updated_at(timestamp) - Asset last update timestamp (ISO 8601 format)labels(string array) - Asset labelstags(object) - Asset tags. Requires a sub-field (e.g.,tags.env==production)
Container image fields (apply when type is container_images):
registry(string) - Container image registry (e.g., docker.io)repository(string) - Container image repository pathname(string) - Container image nameconfig_digest(string) - Image config digestmanifest_digest(string) - Distribution manifest digestindex_digest(string) - Distribution index digestimage_tag(string) - Image tag from discovery sourceimage_labels(object) - OCI image config labels. Requires a sub-field (e.g.,image_labels.vendor==nginx)
Examples:
q==nginx- Multi-field substring search for "nginx"q==docker.io;type==container_images- Search "docker.io" substring in container images onlytype==container_images- Exact match on asset typeregistry==*docker*- Registry contains "docker" (wildcard)created_at>2024-01-01orcreated_at=gt=2024-01-01- Date comparisonclass==A;created_at=ge=2024-01-01- AND combinationlabels=in=(production,staging)- Labels IN listtags.env==production- Tag sub-field filterimage_labels.vendor==nginx- Image label sub-field filterregistry=='docker.io'- Quoted value (equivalent toregistry==docker.io)registry==''- Assets where registry is emptyregistry!=''- Assets where registry has a value
type==container_images;created_at>2024-01-01Comma-separated sort fields for group values. Prefix with - for descending order.
Multiple sort fields are supported (e.g., -issues,count).
Defaults to count (ascending) when not specified.
Results are always tie-broken by value for deterministic ordering.
Available sort fields:
value- Sort by the group value string (alphabetical)count- Sort by the number of assets in each grouplast_seen_at- Sort by the aggregated last_seen_at timestampupdated_at- Sort by the aggregated updated_at timestamprisk_score- Sort by the aggregated risk scoreissues- Sort by issue severity (critical → high → medium → low)
-countMaximum number of group values to return
10Cursor for forward pagination
Cursor for backward pagination
List of group values with aggregated metadata
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of valid field names that can be used for filtering assets using RSQL. Each field includes its name, data type, and which asset types it applies to.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the available filter fields
container_imagesNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
List of available filter fields
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of distinct values for a specific filter field. Useful for building autocomplete functionality in filter UIs.
Use the UUID from the filter fields list endpoint to identify which field to query.
For object filter values, both the keys and values are returned.
Required permissions
View Organization (org.read)
API key value must be prefixed with "Token ".
The unique identifier of the organization
The UUID of the filter field to get values for (from the filter fields list endpoint)
3fa85f64-5717-4562-b3fc-2c963f66afa6The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Full text search term to filter the list of values. If keys_only is true, this will filter the keys of the object filter values. If key is provided, this will filter the value for the specific key of the object filter values.
prodNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Return only the keys of the object filter values
Return only the value for a specific key of the object filter values
List of filter values
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Partially updates multiple assets within a group context. Maximum of 100 assets can be updated per request. The operation is transactional - all updates succeed or all fail.
Required permissions
Edit Group Details (group.edit)
API key value must be prefixed with "Token ".
The unique identifier of the group
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Assets updated successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
No content
Retrieves a polymorphic list of all asset types for a given group. The tenant is resolved from the group_id.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$RSQL filter expression for filtering results.
Supported operators:
==(equal),!=(not equal)<or=lt=(less than),>or=gt=(greater than)<=or=le=(less than or equal),>=or=ge=(greater than or equal)=in=(val1,val2)(IN list),=out=(val1,val2)(NOT IN list);orand(logical AND),,oror(logical OR) - word operators are case-insensitive
Wildcard pattern matching:
Use * (asterisk) for flexible string matching with == and != operators:
*value*- Contains (e.g.,registry==*docker*matches "docker.io")value*- Starts with (e.g.,registry==docker*matches "docker.io")*value- Ends with (e.g.,name==*nginxmatches "library/nginx")!=*value*- Does not contain (e.g.,class!=*test*)
Note: Special SQL characters (%, _) are automatically escaped for security.
Quoted values:
Values can optionally be wrapped in single quotes ('...') or double quotes ("...").
Quotes are stripped before comparison, so registry=='docker.io' is equivalent to registry==docker.io.
Escaped quotes inside quoted values are supported (e.g., name=="O\"Reilly").
Quoting is required when filtering for empty values (see below).
Filtering for empty values:
Use empty quotes ('' or "") with == or != to filter by empty fields:
registry==''- Matches assets where registry is emptyregistry!=''- Matches assets where registry has a value
Multi-field substring search:
Use the special q field to search across multiple fields simultaneously using case-insensitive substring matching:
q==<search_term>- Searches across all searchable string fields (labels, tags, registry, repository, name, config_digest, manifest_digest, index_digest, image_tag)- Only supports the
==operator (no wildcards needed - automatically searches for substring matches) - Uses case-insensitive pattern matching (PostgreSQL ILIKE)
- Does not support linguistic features like stemming or ranking
- Special characters are automatically escaped for security
- Can be combined with other filters:
q==nginx;type==container_images
Supported fields:
Common fields (apply to all asset types):
q(string) - Multi-field substring search (see above)id(UUID) - Asset IDtype(string) - Type of asset. Allowed values:container_imagesclass(string) - Class of asset (e.g., A, B)created_at(timestamp) - Asset creation timestamp (ISO 8601 format)updated_at(timestamp) - Asset last update timestamp (ISO 8601 format)labels(string array) - Asset labelstags(object) - Asset tags. Requires a sub-field (e.g.,tags.env==production)
Container image fields (apply when type is container_images):
registry(string) - Container image registry (e.g., docker.io)repository(string) - Container image repository pathname(string) - Container image nameconfig_digest(string) - Image config digestmanifest_digest(string) - Distribution manifest digestindex_digest(string) - Distribution index digestimage_tag(string) - Image tag from discovery sourceimage_labels(object) - OCI image config labels. Requires a sub-field (e.g.,image_labels.vendor==nginx)
Examples:
q==nginx- Multi-field substring search for "nginx"q==docker.io;type==container_images- Search "docker.io" substring in container images onlytype==container_images- Exact match on asset typeregistry==*docker*- Registry contains "docker" (wildcard)created_at>2024-01-01orcreated_at=gt=2024-01-01- Date comparisonclass==A;created_at=ge=2024-01-01- AND combinationlabels=in=(production,staging)- Labels IN listtags.env==production- Tag sub-field filterimage_labels.vendor==nginx- Image label sub-field filterregistry=='docker.io'- Quoted value (equivalent toregistry==docker.io)registry==''- Assets where registry is emptyregistry!=''- Assets where registry has a value
type==container_images;created_at>2024-01-01Comma-separated sort fields. Prefix with - for descending order.
-created_atNumber of results to return per page
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Provide summary count in the response meta object when requested.
When with is provided, the count will be included in the response meta object.
When only is provided, the count will be included in the response meta object and no data will be returned.
withPossible values: Successful response with a polymorphic list of assets
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Partially updates an asset's attributes within a group context. Supports updating class, labels (add/remove), and tags (add/remove).
Required permissions
Edit Group Details (group.edit)
API key value must be prefixed with "Token ".
The unique identifier of the group
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Asset updated successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a single asset by its unique identifier within a group context.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Asset retrieved successfully
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a paginated list of Snyk targets linked to this asset with full attributes.
Returns the id, type, and attributes of each related target.
Scoped to the specified group.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Maximum number of results to return per page
10Successfully retrieved linked targets
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Retrieves a paginated list of Snyk projects linked to this asset with full attributes.
Returns the id, type, and attributes of each related project.
Scoped to the specified group.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The unique identifier of the asset
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Maximum number of results to return per page
10Filter projects by canonical status.
with: Returns all projects (canonical attribute is populated).only: Returns only canonical projects (those used for vulnerability counts).none: Returns only non-canonical projects. When omitted, returns all projects without canonical filtering.
Filter projects by target ID. When provided, returns only projects that belong to the specified target. When omitted, returns projects from all targets.
Successfully retrieved linked projects
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Initiates an asynchronous search for assets within a group context.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Found - Redirects to search results endpoint
Bad Request: A parameter provided as a part of the request was invalid.
Internal Server Error: An error was encountered while attempting to process the request.
Gets paginated results for a previously initiated asset search within a group context.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The unique identifier of the search operation
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Sort order for results (e.g., -created_at for descending)
Maximum number of results to return
10Cursor for forward pagination
Cursor for backward pagination
Search results retrieved successfully
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of valid group field names that can be used for grouping assets within a group context.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter group fields
Maximum number of results to return
10Cursor for forward pagination
Cursor for backward pagination
List of available group fields
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Returns aggregated values for a specific group field id, showing the count of assets for each distinct value.
Use the UUID from the group fields list endpoint to identify which field to query.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The UUID of the group field to get values for (from the group fields list endpoint)
3fa85f64-5717-4562-b3fc-2c963f66afa6The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the aggregation
container_imagesRSQL filter expression for filtering results.
Supported operators:
==(equal),!=(not equal)<or=lt=(less than),>or=gt=(greater than)<=or=le=(less than or equal),>=or=ge=(greater than or equal)=in=(val1,val2)(IN list),=out=(val1,val2)(NOT IN list);orand(logical AND),,oror(logical OR) - word operators are case-insensitive
Wildcard pattern matching:
Use * (asterisk) for flexible string matching with == and != operators:
*value*- Contains (e.g.,registry==*docker*matches "docker.io")value*- Starts with (e.g.,registry==docker*matches "docker.io")*value- Ends with (e.g.,name==*nginxmatches "library/nginx")!=*value*- Does not contain (e.g.,class!=*test*)
Note: Special SQL characters (%, _) are automatically escaped for security.
Quoted values:
Values can optionally be wrapped in single quotes ('...') or double quotes ("...").
Quotes are stripped before comparison, so registry=='docker.io' is equivalent to registry==docker.io.
Escaped quotes inside quoted values are supported (e.g., name=="O\"Reilly").
Quoting is required when filtering for empty values (see below).
Filtering for empty values:
Use empty quotes ('' or "") with == or != to filter by empty fields:
registry==''- Matches assets where registry is emptyregistry!=''- Matches assets where registry has a value
Multi-field substring search:
Use the special q field to search across multiple fields simultaneously using case-insensitive substring matching:
q==<search_term>- Searches across all searchable string fields (labels, tags, registry, repository, name, config_digest, manifest_digest, index_digest, image_tag)- Only supports the
==operator (no wildcards needed - automatically searches for substring matches) - Uses case-insensitive pattern matching (PostgreSQL ILIKE)
- Does not support linguistic features like stemming or ranking
- Special characters are automatically escaped for security
- Can be combined with other filters:
q==nginx;type==container_images
Supported fields:
Common fields (apply to all asset types):
q(string) - Multi-field substring search (see above)id(UUID) - Asset IDtype(string) - Type of asset. Allowed values:container_imagesclass(string) - Class of asset (e.g., A, B)created_at(timestamp) - Asset creation timestamp (ISO 8601 format)updated_at(timestamp) - Asset last update timestamp (ISO 8601 format)labels(string array) - Asset labelstags(object) - Asset tags. Requires a sub-field (e.g.,tags.env==production)
Container image fields (apply when type is container_images):
registry(string) - Container image registry (e.g., docker.io)repository(string) - Container image repository pathname(string) - Container image nameconfig_digest(string) - Image config digestmanifest_digest(string) - Distribution manifest digestindex_digest(string) - Distribution index digestimage_tag(string) - Image tag from discovery sourceimage_labels(object) - OCI image config labels. Requires a sub-field (e.g.,image_labels.vendor==nginx)
Examples:
q==nginx- Multi-field substring search for "nginx"q==docker.io;type==container_images- Search "docker.io" substring in container images onlytype==container_images- Exact match on asset typeregistry==*docker*- Registry contains "docker" (wildcard)created_at>2024-01-01orcreated_at=gt=2024-01-01- Date comparisonclass==A;created_at=ge=2024-01-01- AND combinationlabels=in=(production,staging)- Labels IN listtags.env==production- Tag sub-field filterimage_labels.vendor==nginx- Image label sub-field filterregistry=='docker.io'- Quoted value (equivalent toregistry==docker.io)registry==''- Assets where registry is emptyregistry!=''- Assets where registry has a value
type==container_images;created_at>2024-01-01Comma-separated sort fields for group values. Prefix with - for descending order.
Multiple sort fields are supported (e.g., -issues,count).
Defaults to count (ascending) when not specified.
Results are always tie-broken by value for deterministic ordering.
Available sort fields:
value- Sort by the group value string (alphabetical)count- Sort by the number of assets in each grouplast_seen_at- Sort by the aggregated last_seen_at timestampupdated_at- Sort by the aggregated updated_at timestamprisk_score- Sort by the aggregated risk scoreissues- Sort by issue severity (critical → high → medium → low)
-countMaximum number of group values to return
10Cursor for forward pagination
Cursor for backward pagination
List of group values with aggregated metadata
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of valid field names that can be used for filtering assets using RSQL. Each field includes its name, data type, and which asset types it applies to.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Comma-separated list of asset types to filter the available filter fields
container_imagesNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
List of available filter fields
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Internal Server Error: An error was encountered while attempting to process the request.
Returns a list of distinct values for a specific filter field. Useful for building autocomplete functionality in filter UIs.
Use the UUID from the filter fields list endpoint to identify which field to query.
For object filter values, both the keys and values are returned.
Required permissions
View Groups (group.read)
API key value must be prefixed with "Token ".
The unique identifier of the group
The UUID of the filter field to get values for (from the filter fields list endpoint)
3fa85f64-5717-4562-b3fc-2c963f66afa6The requested API version
2024-10-15Pattern: ^\d{4}-\d{2}-\d{2}$Full text search term to filter the list of values. If keys_only is true, this will filter the keys of the object filter values. If key is provided, this will filter the value for the specific key of the object filter values.
prodNumber of results to return
10Cursor for fetching the next page of results
Cursor for fetching the previous page of results
Return only the keys of the object filter values
Return only the value for a specific key of the object filter values
List of filter values
Bad Request: A parameter provided as a part of the request was invalid.
Unauthorized: the request requires an authentication token.
Forbidden: the request requires an authentication token with more or different permissions.
Not Found: The resource being operated on could not be found.
Internal Server Error: An error was encountered while attempting to process the request.
Last updated
Was this helpful?