Support
API docs
Product updates Sign up for free

Snyk API

The Snyk API is available only for Enterprise plans.

For more information, see Plans and pricing.

The Snyk API allows Enterprise customers to integrate programmatically with Snyk.

Snyk extensibility and the Snyk API enable developers to tune Snyk security automation to their specific workflows, ensuring consistency in both developer experience and platform governance. The Snyk REST API and the Snyk V1 API are available for you to use when you decide to use an API rather than the CLI or an integration.

Snyk REST API

The Snyk REST API is based on the OpenAPI and JSON:API standards and represents an evolutionary approach to API development, with each endpoint versioned. For more information, see Versioning in the reference docs.

Snyk V1 API (superseded by the REST API)

The Snyk V1 API will be sunset eventually, as further Snyk developments and maintenance iare now focused on REST-specific APIs.

The Snyk V1 API has the ability to test a package for issues as they are defined by Snyk, and to provide Snyk security automation according to your own workflows, unconstrained by security processes in Snyk products. Customers and partners can perform functions including:

  • Accessing vulnerability data

  • Scanning Projects and applications

  • Receiving remediation advice

  • Viewing user data to build custom security solutions

When to use the API versus the CLI or an integration

Use the API when you want to customize, integrate, and automate Snyk security as part of your specific workflows.

Note that there may be differences in the output of the API, the CLI, and integrations.

For example, for many package managers using the API will be less accurate than running the Snyk CLI as part of your build pipe or locally on your package. More than one version of a package may fit the requirements in manifest files. Running the CLI locally tests the actual deployed code, and has an accurate snapshot of the dependency versions in use. The API infers a snapshot, with inferior accuracy. Note that the Snyk CLI can output machine-readable JSON (snyk test --json).

You can allow Snyk access to your development flow by using Snyk integrations. The advantage is having Snyk monitor every new pull request and suggest fixes by opening new pull requests. You can integrate Snyk directly with your source code management (SCM) tool, or by using a Broker to allow greater security and auditability.

PreviousProxy configuration for Snyk CLINextIndex to API endpoints (WIP)

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.