SupportSnyk LearnAPI referenceProduct updatesSign up for free

SBOM

This document uses the REST API. For more details, see the Authentication for API page.

Get a project’s SBOM document

get

This endpoint lets you retrieve the SBOM document of a software project. It supports the following formats:

  • CycloneDX version 1.6 in JSON (set format to cyclonedx1.6+json).
  • CycloneDX version 1.6 in XML (set format to cyclonedx1.6+xml).
  • CycloneDX version 1.5 in JSON (set format to cyclonedx1.5+json).
  • CycloneDX version 1.5 in XML (set format to cyclonedx1.5+xml).
  • CycloneDX version 1.4 in JSON (set format to cyclonedx1.4+json).
  • CycloneDX version 1.4 in XML (set format to cyclonedx1.4+xml).
  • SPDX version 2.3 in JSON (set format to spdx2.3+json).

By default it will respond with an empty JSON:API response.

Authorizations
Path parameters
org_idstring · uuidrequired

Unique identifier for an organization

project_idstring · uuidrequired

Unique identifier for a project

Query parameters
versionstringrequired

Requested API version

Example: 2021-06-04
Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$
formatstring · enumoptional

The desired SBOM format of the response.

Example: cyclonedx1.6+json
Options: cyclonedx1.6+json, cyclonedx1.6+xml, cyclonedx1.5+json, cyclonedx1.5+xml, cyclonedx1.4+json, cyclonedx1.4+xml, spdx2.3+json
excludestring · enum[]optional

An array of features to be excluded from the generated SBOM.

Responses
curl -L \
  --url 'https://api.snyk.io/rest/orgs/{org_id}/projects/{project_id}/sbom?version=text' \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN'
{
  "ANY_ADDITIONAL_PROPERTY": "anything"
}

Returns the SBOM document of a project

PreviousReporting API (v1)NextSastSettings

Last updated

Was this helpful?

Revision created

Add comment to emphasize required filters hidden in GitBook collapsed field