search
SupportSnyk LearnAPI referenceProduct updatesSign up for free
githubEdit

Projects (v1)

circle-info

This document uses the v1 API, which will eventually be deprecated, as further Snyk developments are now focused on the REST API. For more details, see the v1 API.

Note: For a list of Project types, see Project type responses from the API.

hashtag
Update a project

put

Required permissions

  • View Organization
  • View Project
  • Edit Project
Path parameters
orgIdstringRequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Body
branchstringOptional

The branch that this project should be monitoring

Example: main
Responses
chevron-right
200Success
application/json
namestringOptionalExample: snyk/goof
idstringOptional

The project identifier

Example: af137b96-6966-46c1-826b-2e79ac49bbd9
createdstringOptional

The date that the project was created on

Example: 2018-10-29T09:50:54.014Z
originstringOptional

The origin the project was added from

Example: github
typestringOptional

The package manager of the project

Example: maven
readOnlybooleanOptional

Whether the project is read-only

Example: false
testFrequencystringOptional

The frequency of automated Snyk re-test. Can be 'daily', 'weekly or 'never'

Example: daily
totalDependenciesnumberOptional

Number of dependencies of the project

Example: 42
imageIdstringOptional

For docker projects shows the ID of the image

Example: sha256:caf27325b298a6730837023a8a342699c8b7b388b8d878966b064a1320043019
imageTagstringOptional

For docker projects shows the tag of the image

Example: latest
imageBaseImagestringOptional

For docker projects shows the base image

Example: alpine:3
imagePlatformstringOptional

For docker projects shows the platform of the image

Example: linux/arm64
imageClusterstringOptional

For Kubernetes projects shows the origin cluster name

Example: Production
hostnamestring · nullableOptional

The hostname for a CLI project, null if not set

remoteRepoUrlstringOptional

The project remote repository url. Only set for projects imported via the Snyk CLI tool.

Example: https://github.com/snyk/goof.git
lastTestedDatestringOptional

The date on which the most recent test was conducted for this project

Example: 2019-02-05T08:54:07.704Z
ownerobject · nullableOptional

The user who owns the project, null if not set

{ "id": "e713cf94-bb02-4ea0-89d9-613cce0caed2", "name": "[email protected]", "username": "exampleUser", "email": "[email protected]" }

browseUrlstringOptional

URL with project overview

Example: https://app.snyk.io/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/af137b96-6966-46c1-826b-2e79ac49bbd9
isMonitoredbooleanOptional

Describes if a project is currently monitored or it is de-activated

branchstring · nullableOptional

The monitored branch (if available)

targetReferencestring · nullableOptional

The identifier for which revision of the resource is scanned by Snyk. For example this may be a branch for SCM project, or a tag for a container image

tagsstring[]Optional

List of applied tags

attributesstringOptional

Applied project attributes

put
/org/{orgId}/project/{projectId}
200Success

hashtag
Retrieve a single project

get

Required permissions

  • View Organization
  • View Project
  • View Project Snapshot
Path parameters
orgIdstringRequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Responses
chevron-right
200Success
application/json
namestringOptionalExample: snyk/goof
idstringOptional

The project identifier

Example: af137b96-6966-46c1-826b-2e79ac49bbd9
createdstringOptional

The date that the project was created on

Example: 2018-10-29T09:50:54.014Z
originstringOptional

The origin the project was added from

Example: github
typestringOptional

The package manager of the project

Example: maven
readOnlybooleanOptional

Whether the project is read-only

Example: false
testFrequencystringOptional

The frequency of automated Snyk re-test. Can be 'daily', 'weekly or 'never'

Example: daily
totalDependenciesnumberOptional

Number of dependencies of the project

Example: 42
imageIdstringOptional

For docker projects shows the ID of the image

Example: sha256:caf27325b298a6730837023a8a342699c8b7b388b8d878966b064a1320043019
imageTagstringOptional

For docker projects shows the tag of the image

Example: latest
imageBaseImagestringOptional

For docker projects shows the base image

Example: alpine:3
imagePlatformstringOptional

For docker projects shows the platform of the image

Example: linux/arm64
imageClusterstringOptional

For Kubernetes projects shows the origin cluster name

Example: Production
hostnamestring · nullableOptional

The hostname for a CLI project, null if not set

remoteRepoUrlstringOptional

The project remote repository url. Only set for projects imported via the Snyk CLI tool.

Example: https://github.com/snyk/goof.git
lastTestedDatestringOptional

The date on which the most recent test was conducted for this project

Example: 2019-02-05T08:54:07.704Z
ownerobject · nullableOptional

The user who owns the project, null if not set

{ "id": "e713cf94-bb02-4ea0-89d9-613cce0caed2", "name": "[email protected]", "username": "exampleUser", "email": "[email protected]" }

browseUrlstringOptional

URL with project overview

Example: https://app.snyk.io/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/af137b96-6966-46c1-826b-2e79ac49bbd9
isMonitoredbooleanOptional

Describes if a project is currently monitored or it is de-activated

branchstring · nullableOptional

The monitored branch (if available)

targetReferencestring · nullableOptional

The identifier for which revision of the resource is scanned by Snyk. For example this may be a branch for SCM project, or a tag for a container image

tagsstring[]Optional

List of applied tags

attributesstringOptional

Applied project attributes

get
/org/{orgId}/project/{projectId}
200Success

hashtag
Delete a project

delete

Required permissions

  • View Organization
  • View Project
  • Remove Project
Path parameters
orgIdstringRequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Responses
chevron-right
200Success
delete
/org/{orgId}/project/{projectId}
200Success
No content

hashtag
Add a tag to a project

post

Required permissions

  • Group Admin
Path parameters
orgIdstringRequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID to apply the tag to

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545
Body
keystringOptional

Alphanumeric including - and _ with a limit of 30 characters

Example: example-tag-key
valuestringOptional

Alphanumeric including - and _ with a limit of 50 characters

Example: example-tag-value
Responses
chevron-right
200Success
application/json
post
/org/{orgId}/project/{projectId}/tags
200Success

hashtag
Remove a tag from a project

post

Required permissions

  • Group Admin
Path parameters
orgIdstringRequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID to remove a tag from

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545
Body
keystringOptional

Alphanumeric including - and _ with a limit of 30 characters

Example: example-tag-key
valuestringOptional

Alphanumeric including - and _ with a limit of 50 characters

Example: example-tag-value
Responses
chevron-right
200Success
application/json
post
/org/{orgId}/project/{projectId}/tags/remove
200Success

hashtag
Update project settings

put

Required permissions

  • View Organization
  • View Project
  • Edit Project
Path parameters
orgIdstringRequired

The organization ID to which the project belongs. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Body
autoDepUpgradeEnabledbooleanOptional

If set to true, Snyk will raise dependency upgrade PRs automatically.

autoDepUpgradeIgnoredDependenciesstring[]Optional

An array of comma-separated strings with names of dependencies you wish Snyk to ignore to upgrade.

autoDepUpgradeMinAgenumberOptional

The age (in days) that an automatic dependency check is valid for

autoDepUpgradeLimitnumberOptional

The limit on auto dependency upgrade PRs.

pullRequestFailOnAnyVulnsbooleanOptional

If set to true, fail Snyk Test if the repo has any vulnerabilities. Otherwise, fail only when the PR is adding a vulnerable dependency.

pullRequestFailOnlyForHighSeveritybooleanOptional

If set to true, fail Snyk Test only for high and critical severity vulnerabilities

pullRequestTestEnabledbooleanOptional

If set to true, Snyk Test checks PRs for vulnerabilities.:cq

pullRequestAssignmentstringOptional

assign Snyk pull requests

autoRemediationPrsstringOptional

Defines automatic remediation policies

Responses
chevron-right
200

The response will contain the attributes and values that have been sent in the request and successfully updated.

application/json
autoDepUpgradeEnabledbooleanOptional

If set to true, Snyk will raise dependency upgrade PRs automatically.

autoDepUpgradeIgnoredDependenciesstring[]Optional

An array of comma-separated strings with names of dependencies you wish Snyk to ignore to upgrade.

autoDepUpgradeMinAgenumberOptional

The age (in days) that an automatic dependency check is valid for

autoDepUpgradeLimitnumberOptional

The limit on auto dependency upgrade PRs.

pullRequestFailOnAnyVulnsbooleanOptional

If set to true, fail Snyk Test if the repo has any vulnerabilities. Otherwise, fail only when the PR is adding a vulnerable dependency.

pullRequestFailOnlyForHighSeveritybooleanOptional

If set to true, fail Snyk Test only for high and critical severity vulnerabilities

pullRequestTestEnabledbooleanOptional

If set to true, Snyk Test checks PRs for vulnerabilities.:cq

pullRequestAssignmentstringOptional

assign Snyk pull requests

autoRemediationPrsstringOptional

Defines automatic remediation policies

put
/org/{orgId}/project/{projectId}/settings
200

The response will contain the attributes and values that have been sent in the request and successfully updated.

hashtag
List project settings

get

Required permissions

  • View Organization
  • View Project
Path parameters
orgIdstringRequired

The organization ID to which the project belongs. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Responses
chevron-right
200

The response will contain only attributes that can be updated (see ATTRIBUTES section in Update project settings) and that have been previously set.

application/json
autoDepUpgradeEnabledbooleanOptional

If set to true, Snyk will raise dependency upgrade PRs automatically.

autoDepUpgradeIgnoredDependenciesstring[]Optional

An array of comma-separated strings with names of dependencies you wish Snyk to ignore to upgrade.

autoDepUpgradeMinAgenumberOptional

The age (in days) that an automatic dependency check is valid for

autoDepUpgradeLimitnumberOptional

The limit on auto dependency upgrade PRs.

pullRequestFailOnAnyVulnsbooleanOptional

If set to true, fail Snyk Test if the repo has any vulnerabilities. Otherwise, fail only when the PR is adding a vulnerable dependency.

pullRequestFailOnlyForHighSeveritybooleanOptional

If set to true, fail Snyk Test only for high and critical severity vulnerabilities

pullRequestTestEnabledbooleanOptional

If set to true, Snyk Test checks PRs for vulnerabilities.:cq

pullRequestAssignmentstringOptional

assign Snyk pull requests

autoRemediationPrsstringOptional

Defines automatic remediation policies

get
/org/{orgId}/project/{projectId}/settings
200

The response will contain only attributes that can be updated (see ATTRIBUTES section in Update project settings) and that have been previously set.

hashtag
Delete project settings

delete

Deleting project settings will set the project to inherit default settings from its integration.

Required permissions

  • View Organization
  • View Project
  • Edit Project
Path parameters
orgIdstringRequired

The organization ID to which the project belongs. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Responses
delete
/org/{orgId}/project/{projectId}/settings
204Success
No content

hashtag
Move project to a different organization

put

Note: when moving a project to a new organization, the historical data used for reporting does not move with it.

Required permissions

  • View Organization
  • View Project
  • Move Project
Path parameters
orgIdstringRequired

The organization ID to which the project belongs. The API_KEY must have group admin permissions. If the project is moved to a new group, a personal level API key is needed.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Body
targetOrgIdstringOptional

The ID of the organization that the project should be moved to. The API_KEY must have group admin permissions. If the project is moved to a new group, a personal level API key is needed.

Responses
chevron-right
200Success
application/json
originOrgstringRequired
destinationOrgstringRequired
movedProjectstringRequired
put
/org/{orgId}/project/{projectId}/move
200Success

hashtag
List all project issue paths

get

Required permissions

  • View Project
  • View Project Snapshot
Path parameters
orgIdstringRequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID for which to return issue paths.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545
issueIdstringRequired

The issue ID for which to return issue paths.

Example: SNYK-JS-LODASH-590103
Query parameters
snapshotIdstringOptional

The project snapshot ID for which to return issue paths. If set to latest, the most recent snapshot will be used. Use the "List all project snapshots" endpoint to find suitable values for this.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454553
perPagenumber · doubleOptional

The number of results to return per page (1 - 1000, inclusive).

Example: 3
pagenumber · doubleOptional

The page of results to return.

Example: 2
Responses
chevron-right
200Success
application/json
get
/org/{orgId}/project/{projectId}/issue/{issueId}/paths
200Success

hashtag
Get Project dependency graph

get

Required permissions

  • View Organization
  • View Project
  • View Project Snapshot
Path parameters
orgIdstringRequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID to return issues for.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545
Responses
chevron-right
200
  • A reference implementation of the graph, as well as conversion functions to/from legacy tree format, can be found at: https://github.com/snyk/dep-graph.
  • The object might contain additional fields in the future, in a backward-compatible way (schemaVersion will change accordingly).
application/json
get
/org/{orgId}/project/{projectId}/dep-graph
200
  • A reference implementation of the graph, as well as conversion functions to/from legacy tree format, can be found at: https://github.com/snyk/dep-graph.
  • The object might contain additional fields in the future, in a backward-compatible way (schemaVersion will change accordingly).

hashtag
Deactivate a project

post

Deactivating a project will:

  • Disable pull request tests for new vulnerabilities.
  • Disable Fix pull request from being opened for newly disclosed vulnerabilities.
  • Disable recurring tests - email alerts about newly disclosed vulnerabilities will be turned off.
  • If the repository has no other active projects, then remove any webhooks related to the project.

Required permissions

  • View Organization
  • View Project
  • Project Status
Path parameters
orgIdstringRequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Responses
chevron-right
200Success
post
/org/{orgId}/project/{projectId}/deactivate
200Success
No content

hashtag
Applying attributes

post

Attributes are static and non-configurable fields which allow to add additional metadata to a project. Attributes have a pre-defined list of values that a user can select from.

Business criticality Environment Lifecycle stage
critical frontend production
high backend development
medium internal sandbox
low external
mobile
saas
onprem
hosted
distributed
Applies an attribute to the provided project.
It is possible to assign multiple values to each attribute, but you can only assign values to one of the predefined attribute categories, using the predefined options for this category.
Assigning an attribute requires the caller to be either an Organization Administrator or a Group Administrator.
Assigning an attribute will override any existing values that the specific attribute already has set.
In order to clear out an attribute value, an empty array can be set.

Note: Organization admins can add an attribute to a Project. However, only Group admins can modify Project attributes in cases where attributes match a policy, because policies can only be managed by Group admins.

Required permissions

  • View Organization
  • View Project
  • Edit Project Attributes
Path parameters
orgIdstringRequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID to remove a tag from

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545
Body
Responses
chevron-right
200Success
application/json
post
/org/{orgId}/project/{projectId}/attributes
200Success

hashtag
List all Aggregated issues

post

Required permissions

  • View Project
  • View Project Snapshot
Path parameters
orgIdstringRequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID to return issues for.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545
Body
includeDescriptionbooleanOptional

If set to true, Include issue's description, if set to false (by default), it won't (Non-IaC projects only)

includeIntroducedThroughbooleanOptional

If set to true, include the dockerfile instruction that the issue is introducedThrough. If set to false (default), it won’t. This only applies to Container projects with an associated Dockerfile (CLI or Container Registry source)

Responses
chevron-right
200Success
application/json
post
/org/{orgId}/project/{projectId}/aggregated-issues
200Success

hashtag
Activate a project

post

Activating a project will:

  • Add a repository webhook for supported integrations.
  • Enable pull request tests for new vulnerabilities.
  • Open Fix pull request for newly disclosed vulnerabilities.
  • Enable recurring tests, sending email alerts about newly disclosed vulnerabilities.

Required permissions

  • View Organization
  • View Project
  • Project Status
Path parameters
orgIdstringRequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed
projectIdstringRequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08
Responses
chevron-right
200Success
post
/org/{orgId}/project/{projectId}/activate
200Success
No content
PreviousPoliciesNextProjects

Last updated

Was this helpful?