openapi: 3.0.3 info: title: Snyk Container API description: >- Snyk Container provides vulnerability scanning and remediation for container images, Kubernetes workloads, and Helm charts. The API enables organizations to integrate container security scanning into CI/CD pipelines, manage projects, retrieve vulnerability findings, and apply fixes programmatically. version: 2024-10-15 contact: name: Snyk Support url: https://support.snyk.io/ license: name: Proprietary url: https://snyk.io/policies/terms-of-service/ servers: - url: https://api.snyk.io/rest description: Snyk US-01 (default) - url: https://api.us.snyk.io/rest description: Snyk US-02 - url: https://api.eu.snyk.io/rest description: Snyk EU-01 - url: https://api.au.snyk.io/rest description: Snyk AU-01 security: - BearerAuth: [] tags: - name: Container Projects description: Manage Snyk Container scanning projects - name: Issues description: Retrieve container vulnerability issues - name: Organizations description: Manage organizations and members - name: Targets description: Manage scan targets (images, registries) paths: /orgs/{org_id}/projects: get: operationId: listContainerProjects summary: List Container Projects description: List all container scanning projects within an organization, optionally filtered by type. tags: - Container Projects parameters: - name: org_id in: path required: true description: The unique identifier of the Snyk organization schema: type: string format: uuid - name: version in: query required: true description: API version date string (e.g. 2024-10-15) schema: type: string default: '2024-10-15' - name: types in: query required: false description: Filter by project type (e.g. dockerfileFromScm, containerRegistryImage) schema: type: array items: type: string enum: - dockerfileFromScm - containerRegistryImage - kubernetesMonitor - helmRelease - name: limit in: query required: false description: Number of results per page (max 100) schema: type: integer default: 10 maximum: 100 - name: starting_after in: query required: false description: Cursor for pagination — items after this cursor schema: type: string responses: '200': description: List of container projects content: application/vnd.api+json: schema: $ref: '#/components/schemas/ProjectsResponse' '401': description: Unauthorized '403': description: Forbidden /orgs/{org_id}/projects/{project_id}: get: operationId: getContainerProject summary: Get Container Project description: Retrieve details of a specific container scanning project. tags: - Container Projects parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: project_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string default: '2024-10-15' responses: '200': description: Container project details content: application/vnd.api+json: schema: $ref: '#/components/schemas/ProjectResponse' '404': description: Project not found delete: operationId: deleteContainerProject summary: Delete Container Project description: Delete a container scanning project. tags: - Container Projects parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: project_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string responses: '204': description: Project deleted '404': description: Project not found /orgs/{org_id}/issues: get: operationId: listContainerIssues summary: List Container Issues description: List vulnerability issues found in container scans for an organization, with filtering by severity, status, and type. tags: - Issues parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string default: '2024-10-15' - name: scan_item.type in: query required: false description: Filter issues by scan item type schema: type: string enum: - project - name: scan_item.id in: query required: false description: Filter issues by project ID schema: type: string format: uuid - name: severity in: query required: false description: Filter by severity level schema: type: array items: type: string enum: - critical - high - medium - low - name: status in: query required: false schema: type: array items: type: string enum: - open - resolved - ignored - name: limit in: query required: false schema: type: integer default: 10 maximum: 100 responses: '200': description: List of container vulnerability issues content: application/vnd.api+json: schema: $ref: '#/components/schemas/IssuesResponse' /orgs/{org_id}/targets: get: operationId: listTargets summary: List Targets description: List all targets (container registries, image sources) for an organization. tags: - Targets parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string default: '2024-10-15' - name: limit in: query required: false schema: type: integer default: 10 responses: '200': description: List of targets content: application/vnd.api+json: schema: $ref: '#/components/schemas/TargetsResponse' post: operationId: createTarget summary: Create Target description: Create a new container registry target for scanning. tags: - Targets parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string requestBody: required: true content: application/vnd.api+json: schema: $ref: '#/components/schemas/TargetCreateRequest' responses: '201': description: Target created content: application/vnd.api+json: schema: $ref: '#/components/schemas/TargetResponse' '400': description: Invalid request /orgs/{org_id}/targets/{target_id}: get: operationId: getTarget summary: Get Target description: Retrieve details of a specific container scan target. tags: - Targets parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: target_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string responses: '200': description: Target details content: application/vnd.api+json: schema: $ref: '#/components/schemas/TargetResponse' '404': description: Target not found delete: operationId: deleteTarget summary: Delete Target description: Remove a container scan target. tags: - Targets parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: target_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string responses: '204': description: Target deleted /orgs/{org_id}/projects/{project_id}/sbom: get: operationId: getProjectSbom summary: Get Project SBOM description: Generate and retrieve an SBOM (Software Bill of Materials) for a container project. tags: - Container Projects parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: project_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string - name: format in: query required: false description: SBOM format schema: type: string enum: - cyclonedx1.4+json - cyclonedx1.4+xml - spdx2.3+json responses: '200': description: SBOM document content: application/json: schema: type: object application/xml: schema: type: object /orgs/{org_id}/packages/issues: get: operationId: listPackageIssues summary: List Package Issues description: List known vulnerabilities for packages found in container images. tags: - Issues parameters: - name: org_id in: path required: true schema: type: string format: uuid - name: version in: query required: true schema: type: string - name: purl in: query required: false description: Package URL (purl) to filter issues schema: type: string responses: '200': description: Package vulnerability issues content: application/vnd.api+json: schema: $ref: '#/components/schemas/IssuesResponse' components: securitySchemes: BearerAuth: type: http scheme: bearer description: Snyk API token obtained from your Snyk account settings schemas: ProjectsResponse: type: object properties: data: type: array items: $ref: '#/components/schemas/Project' links: $ref: '#/components/schemas/PaginationLinks' ProjectResponse: type: object properties: data: $ref: '#/components/schemas/Project' Project: type: object properties: id: type: string format: uuid description: Unique project identifier type: type: string enum: - project attributes: type: object properties: name: type: string description: Project name (usually image:tag) type: type: string enum: - containerRegistryImage - dockerfileFromScm - kubernetesMonitor - helmRelease status: type: string enum: - active - inactive created: type: string format: date-time read_only: type: boolean tags: type: array items: type: object properties: key: type: string value: type: string settings: type: object properties: recurring_tests: type: object properties: frequency: type: string enum: - daily - weekly - never IssuesResponse: type: object properties: data: type: array items: $ref: '#/components/schemas/Issue' links: $ref: '#/components/schemas/PaginationLinks' Issue: type: object properties: id: type: string description: Unique issue identifier type: type: string enum: - issue attributes: type: object properties: key: type: string description: Vulnerability identifier (e.g. CVE-2021-44228) title: type: string description: Human-readable vulnerability title type: type: string enum: - package_vulnerability - license - cloud - custom severity: type: string enum: - critical - high - medium - low status: type: string enum: - open - resolved - ignored created_at: type: string format: date-time updated_at: type: string format: date-time ignored: type: boolean resolved: type: boolean coordinates: type: array items: type: object properties: remedies: type: array items: type: object properties: type: type: string enum: - indeterminate - manual - automatic description: type: string details: type: object properties: upgrade_package: type: string TargetsResponse: type: object properties: data: type: array items: $ref: '#/components/schemas/Target' links: $ref: '#/components/schemas/PaginationLinks' TargetResponse: type: object properties: data: $ref: '#/components/schemas/Target' Target: type: object properties: id: type: string format: uuid type: type: string enum: - target attributes: type: object properties: display_name: type: string description: Human-readable target name url: type: string description: Container registry URL created_at: type: string format: date-time is_private: type: boolean TargetCreateRequest: type: object required: - data properties: data: type: object required: - type - attributes properties: type: type: string enum: - target attributes: type: object required: - display_name - url properties: display_name: type: string description: Name for this target url: type: string description: Container registry URL PaginationLinks: type: object properties: prev: type: string description: URL for previous page next: type: string description: URL for next page first: type: string description: URL for first page last: type: string description: URL for last page