Reports API

Overview

This resource represents reports.

This topic showcases the API requests and responses for getting the following types of reports:

  • Inventory report for an organization, product or project

  • Source File Inventory report for an organization, product or project

  • Due Diligence report for an organization, product or project

  • Attribution report for a product or project

  • Product Comparison report

  • Project Comparison report

  • Custom Attribute Values report for an organization, product or project

  • Library Location report for an organization or product

  • License Compatibility report for a product or project

  • Effective Licenses report for an organization or product

  • In-House report for an organization, product or project

  • Risk report in PDF format for an organization, product or project

  • Vulnerabilities report for an organization, product or project

  • Container Vulnerabilities report for an organization or cluster

  • Effective Usage Analysis report

  • Alerts report for an organization, product or project

  • Ignored Alerts report for an organization, product or project

  • Resolved Alerts report for an organization, product or project

  • Change Log History report

  • Request History report for an organization, product or project

  • Plugin Request History report

  • Members report for an organization, product or project

NOTE: The following APIs are not supported if Vulnerability-based Alerting (see Security Alerts: View By Vulnerability) is installed; they will be deprecated in January 2022:

  • getOrganizationAlertsReport, getProductAlertsReport, getProjectAlertsReport

  • getOrganizationIgnoredAlertsReport, getProductIgnoredAlertsReport, getProjectIgnoredAlertsReport

  • getOrganizationResolvedAlertsReport, getProductResolvedAlertsReport, getProjectResolvedAlertsReport

Get Inventory Report

The Inventory report provides a BOM (Bill Of Materials) of all open source libraries in the account. It can present libraries by organization as well as by product (application).

This API request enables you to export organization, product or project-level inventory reports in Excel (xlsx), XML (xml) or JSON (json) format. The default format is Excel (xlsx).

Organization

Get Inventory report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns an Inventory report for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationInventoryReport",      "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "xlsx" }

Response in Excel Format

The response to the above example in xlsx format will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Response in XML Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 <?xml version="1.0" encoding="UTF-8"?> <inventory>     <library>         <name>json-schema-0.2.3.tgz</name>         <group>json-schema</group>         <artifact>json-schema-0.2.3.tgz</artifact>         <version>0.2.3</version>         <type>javascript/Node.js</type>         <sha1>b480c892e59a2f05954ce727bd3f2a4e882f9e13</sha1>         <description>JSON Schema validation and specifications</description>         <licenses>             <license>Academic 2.1</license>             <license>BSD 3</license>         </licenses>         <matchType>Filename Match</matchType>         <projects>             <project>tenantmetaserv (transitiveDependency)</project>         </projects>         <attribute name="att7"/>     </library>     .......

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 {     "libraries": [         {             "keyUuid": "36466e69-bda1-43d3-9962-6f3a341720b9",             "type": "javascript/Node.js",             "productName": "Platform_Develop",             "projectName": "tenantmetaserv",             "description": "JSON Schema validation and specifications",             "directDependency": false,             "matchType": "Filename Match",             "sha1": "b480c892e59a2f05954ce727bd3f2a4e882f9e13",             "name": "json-schema-0.2.3.tgz",             "artifactId": "json-schema-0.2.3.tgz",             "version": "0.2.3",             "groupId": "json-schema",             "licenses": [                 {                     "name": "Academic 2.1",                     "references": []                 },                 {                     "name": "BSD 3",                     "references": []                 }             ]         },         ........     

Back to top.

Product

Get Inventory report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns an Inventory report for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductInventoryReport",      "userKey": "user_key",     "productToken" : "product_token",     "format" : "xlsx" }

Response Format

The response to the above request example (xlsx format) will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Inventory report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns an Inventory report for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectInventoryReport",      "userKey": "user_key",     "projectToken" : "project_token",     "format" : "xlsx" }

Response Format

The response to the above request example (xlsx format) will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Source File Inventory Report

The Source File Inventory report enables you to view source files that are matched to a library in your inventory.

This API request enables you to get organization, product or project-level source file inventory reports in Excel (xlsx) or JSON (json) format.

Organization

Get Source File Inventory report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Source File Inventory report for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationSourceFileInventoryReport",     "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "json" }

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 {     "sourceFiles": [         {             "library": {                 "artifactId": "git",                 "version": "v2.25.0",                 "licenses": [                     {                         "name": "GPL 3.0",                         "references": []                     },                     {                         "name": "GPL 2.0",                         "references": []                     },                     {                         "name": "LGPL 2.1",                         "references": []                     }                 ]             },             "filename": "abspath.c",             "sha1": "d6215949ebe7cc6ddfcb103e9657057bcb8fbaa1",             "path": "C:\\Users\\TaliaSela\\Projects\\git\\abspath.c",             "productName": "git",             "projectName": "my-proj",             "lastUpdatedDate": "2020-02-03 20:45:38",             "matchType": "AUTOMATIC"         },         ..........

Response in Excel Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get Source File Inventory report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Source File Inventory report for a product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductSourceFileInventoryReport",     "userKey": "user_key",     "productToken" : "product_token",     "format" : "json" }

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 {     "sourceFiles": [         {             "library": {                 "artifactId": "portofino",                 "version": "portofino-4.2.8-javadoc",                 "licenses": [                     {                         "name": "LGPL 3.0",                         "references": []                     }                 ]             },             "filename": "script.js",             "sha1": "a6717beac050d49869c234af4e409404b5593260",             "path": "/RxJava/build/docs/javadoc/io/reactivex/rxjava3/functions/../../../../script.js",             "productName": "GH_1_RxJava",             "projectName": "GH_RxJava",             "lastUpdatedDate": "2016-09-11 21:52:01",             "matchType": "AUTOMATIC"         }     ] }

Response in Excel Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Source File Inventory report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Source File Inventory report for a project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectSourceFileInventoryReport",     "userKey": "user_key",     "projectToken" : "project_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Get Due Diligence Report

This report provides due diligence related information for each open-source library in order to comply with the relevant legal requirements. For details, see https://whitesource.atlassian.net/wiki/pages/createpage.action?spaceKey=WD&title=Due%20Diligence%20Report&linkCreation=true&fromPageId=1730543766.

The API request enables you to get organization, product, or project-level Due Diligence reports in Excel (xlsx), XML (xml), or JSON (json) format.

Organization

Get Due Diligence report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Due Diligence report for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationDueDiligenceReport",     "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "xlsx" }

Response in Excel Format

The response to the above example in xlsx format will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 {     "licenses": [         {             "type": "Open Source",             "riskScore": 39,             "library": "commons-beanutils-1.8.0.jar",             "reference": "https://repo.maven.apache.org/maven2/commons-beanutils/commons-beanutils/1.8.0/commons-beanutils-1.8.0.pom",             "copyright": "2000-2008 Copyright 2000-2008 The Apache Software Foundation",             "homepage": "http://www.apache.org/",             "author": "The Apache Software Foundation",             "projectName": "Demo Data",             "productName": "Demo Product",             "reference_type": "POM file",             "name": "Apache 2.0"         },         {             "type": "Open Source",             "riskScore": 39,             "library": "commons-logging-1.1.1.jar",             "reference": "https://repo.maven.apache.org/maven2/commons-logging/commons-logging/1.1.1/commons-logging-1.1.1.pom",             "copyright": "2001-2007 Copyright 2001-2007 The Apache Software Foundation",             "homepage": "http://www.apache.org/",             "author": "The Apache Software Foundation",             "projectName": "Demo Data",             "productName": "Demo Product",             "reference_type": "POM file",             "name": "Apache 2.0"         },         .........        

Back to top.

Product

Get Due Diligence report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Due Diligence report for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductDueDiligenceReport",      "userKey": "user_key",     "productToken" : "product_token",     "format" : "json" }

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 {     "licenses": [         {             "type": "Open Source",             "riskScore": 39,             "library": "commons-beanutils-1.8.0.jar",             "reference": "https://repo.maven.apache.org/maven2/commons-beanutils/commons-beanutils/1.8.0/commons-beanutils-1.8.0.pom",             "copyright": "2000-2008 Copyright 2000-2008 The Apache Software Foundation",             "homepage": "http://www.apache.org/",             "author": "The Apache Software Foundation",             "projectName": "Demo Data",             "productName": "Demo Product",             "reference_type": "POM file",             "name": "Apache 2.0"         },         {             "type": "Open Source",             "riskScore": 39,             "library": "commons-logging-1.1.1.jar",             "reference": "https://repo.maven.apache.org/maven2/commons-logging/commons-logging/1.1.1/commons-logging-1.1.1.pom",             "copyright": "2001-2007 Copyright 2001-2007 The Apache Software Foundation",             "homepage": "http://www.apache.org/",             "author": "The Apache Software Foundation",             "projectName": "Demo Data",             "productName": "Demo Product",             "reference_type": "POM file",             "name": "Apache 2.0"         },         .......      

Response in Excel Format

The response to the above example in xlsx format will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Due Diligence report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Due Diligence report for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectDueDiligenceReport",      "userKey": "user_key",     "projectToken" : "project_token",     "format" : "json" }

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 {     "licenses": [         {             "type": "Closed Source",             "library": "wss-unified-agent.jar",             "reference": "http://whitesourcesoftware.com/",             "copyright": "Unspecified Copyright",             "projectName": "temp",             "productName": "Demo Product",             "reference_type": "Project home page",             "name": "Suspected Proprietary"         }     ] }

Response in Excel Format

The response to the above request in xlsx format will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Get Attribution Report

The Attribution Report details compliance information on open source software components managed in WhiteSource products and projects. 

This API request allows users to get the exported version of the Attribution report, at the product or project-level scope, in HTML or text format.

Product

Get Attribution Report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns an Attribution report with for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

reportHeader

Report header - default value is Attribution Report.

string

No

reportTitle

Text that you want to appear in the report title.

string

No

reportFooter

Text that you want to appear in the footer of the report.

string

No

reportingScope

Scope of the information to be included in the report. By default, the following:

  • Summary

  • Licenses

  • Copyrights

  • Notices

  • Primary attributes

string

No

reportingAggregationMode

How to group the information in the report - according to the library (i.e. BY_COMPONENT) or by project (BY_PROJECT).

string

Yes

missingLicenseDisplayOption

What to write if the license is missing. Options are: “BLANK” (default) or “GENERIC_LICENSE”.

string

No

exportFormat

Format of exported report: TXT, HTML, or JSON. Case insensitive.

string

No

licenseReferenceTextPlacement

LICENSE_SECTION (default) or APPENDIX_SECTION.

string

No

customAttribute

Name of custom attribute for the product.

string

No

includeVersions

“true” (default) or “false”. If set to “false”, the report will not include the “version” field.

boolean

No

Request Example

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 {     "requestType": "getProductAttributionReport",     "productToken" : "product_token",     "userKey": "user_key",     "reportHeader": "header_text", // Default "Attribution Report"     "reportTitle": "title_text", // Default ""     "reportFooter": "footer_text", // Default ""     "reportingScope": ( SUMMARY | LICENSES | COPYRIGHTS | NOTICES | PRIMARY_ATTRIBUTES), // Default all options (SUMMARY, LICENSES, COPYRIGHTS, NOTICES, PRIMARY_ATTRIBUTES)     "reportingAggregationMode": ( BY_COMPONENT | BY_PROJECT ), // Mandatory     "missingLicenseDisplayOption": ( BLANK | GENERIC_LICENSE ), // Default "BLANK"     "exportFormat": ( TXT | HTML | JSON ), // Case insensitive     "licenseReferenceTextPlacement": ( LICENSE_SECTION | APPENDIX_SECTION ), // Default "LICENSE_SECTION"     "customAttribute": "custom_attribute_name",     "includeVersions": "false" // Optional parameter, default value is "true". If set to "false", the attribution report will not include the field "version". }

Response Format

The response is in text or HTML formats.

Project

Get Attribution Report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns an Attribution report with for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

reportHeader

Report header - default value is Attribution Report.

string

No

reportTitle

Text that you want to appear in the report title.

string

No

reportFooter

Text that you want to appear in the footer of the report.

string

No

reportingScope

Scope of the information to be included in the report. By default, the following:

  • Summary

  • Licenses

  • Copyrights

  • Notices

  • Primary attributes

string

No

reportingAggregationMode

How to group the information in the report - according to the library (i.e. BY_COMPONENT) or by project (BY_PROJECT).

string

Yes

missingLicenseDisplayOption

What to write if the license is missing. Options are: “BLANK” (default) or “GENERIC_LICENSE”.

string

No

exportFormat

Format of exported report: TXT, HTML, or JSON. Case insensitive.

string

No

licenseReferenceTextPlacement

LICENSE_SECTION (default) or APPENDIX_SECTION.

string

No

customAttribute

Name of custom attribute for the project.

string

No

includeVersions

“true” (default) or “false”. If set to “false”, the report will not include the “version” field.

boolean

No

Request Example

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 {     "requestType": "getProjectAttributionReport",     "projectToken" : "project_token",     "userKey": "user_key",     "reportHeader": "header_text", // Default "Attribution Report"     "reportTitle": "title_text", // Default ""     "reportFooter": "footer_text", // Default ""     "reportingScope": ( SUMMARY | LICENSES | COPYRIGHTS | NOTICES | PRIMARY_ATTRIBUTES ), // Default all options (SUMMARY, LICENSES, COPYRIGHTS, NOTICES, PRIMARY_ATTRIBUTES)     "reportingAggregationMode": ( BY_COMPONENT | BY_PROJECT ), // Mandatory     "missingLicenseDisplayOption": ( BLANK | GENERIC_LICENSE ), // Default "BLANK"     "exportFormat": ( TXT | HTML | JSON ), // Case insensitive     "licenseReferenceTextPlacement": ( LICENSE_SECTION | APPENDIX_SECTION ), // Default "LICENSE_SECTION"     "customAttribute": "custom_attribute_name",     "includeVersions": "true" // Optional parameter, default value is "true". If set to "false", the attribution report will not include the field "version". }

Response Format

The response is in text or HTML format. 

Back to top.

Get Product Comparison Report

The Product Comparison report enables you to compare library and license information (such as, number of license occurrences) between two products.

This API request enables you to get a product comparison report in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a product comparison report between two products.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the first product.

string

Yes

productToken2

API key which is a unique identifier of the second product.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductComparisonReport",      "userKey": "user_key",     "productToken" : "product_token",     "productToken2" : "product_token2" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product>-<product2>-product-comparison.xlsx

Back to top.

Get Project Comparison Report

The Project Comparison report enables you to compare library and license information (such as, number of license occurrences) between two projects (in the same product or different products).

This API request enables you to get a project comparison report in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a project comparison report between two projects.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the first project.

string

Yes

projectToken2

API key which is a unique identifier of the second project.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectComparisonReport",      "userKey": "user_key",     "projectToken" : "project_token",     "projectToken2" : "project_token2" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project>-<project2>-project-comparison.xlsx

Back to top.

Get Custom Attribute Values Report

Custom attributes provide the option for adding customized metadata on a library and then filtering according to custom attribute values in the Attributes Report.

This API request returns a list of all custom attributes along with their set values for each library. This request is available at the organization, product, or project-level.

Organization

Get all custom attributes with their values for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns custom attributes with their values for a specific organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {   "requestType":"getOrganizationCustomAttributeValues",   "userKey": "user_key",   "orgToken": "organization_api_key" }

Response Example

The response is a JSON collection of all the custom attributes in the organization with their values per library. For example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 {     "libraries": [         {             "keyUuid": "5c71b215-300f-49f4-99ab-98dad0a7727f",             "customAttributeValues": [                 {                     "attributeKey": "att4",                     "attributeValue": "aaaaa",                     "context": "Organizational",                     "contextId": 546628,                     "contextName": "Talia Playground",                     "contextToken": "b1e0da1542714765af9734f154c90f4a36da27750a2a4d4d96f046327bb13355"                 },                 {                     "attributeKey": "description",                     "attributeValue": "This is an org level attribute value",                     "context": "Organizational",                     "contextId": 546628,                     "contextName": "Talia Playground",                     "contextToken": "b1e0da1542714765af9734f154c90f4a36da27750a2a4d4d96f046327bb13355"                 },                 {                     "attributeKey": "att2",                     "attributeValue": "att2att2",                     "context": "Organizational",                     "contextId": 546628,                     "contextName": "Talia Playground",                     "contextToken": "b1e0da1542714765af9734f154c90f4a36da27750a2a4d4d96f046327bb13355"                 }             ]         },         .........             

Back to top.

Product

Get all custom attributes with their values for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns custom attributes with their values for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {   "requestType":"getProductCustomAttributeValues",   "productToken": "product_key",   "userKey": "user_Key" }

Response Example

The response is a JSON collection of all the custom attributes with their values for the specific product. For example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 {     "libraries": [         {             "keyUuid": "541df6e9-a095-4ca1-9252-13696ae290dc",             "customAttributeValues": [                 {                     "attributeKey": "att9",                     "attributeValue": "sdfsd",                     "context": "Organizational",                     "contextId": 546628,                     "contextName": "Talia Playground",                     "contextToken": "b1e0da1542714765af9734f154c90f4a36da27750a2a4d4d96f046327bb13355"                 },                 {                     "attributeKey": "descrpition",                     "attributeValue": "This is an org level attribute value",                     "context": "Organizational",                     "contextId": 546628,                     "contextName": "Talia Playground",                     "contextToken": "b1e0da1542714765af9734f154c90f4a36da27750a2a4d4d96f046327bb13355"                 },                 {                     "attributeKey": "att2",                     "attributeValue": "att2att2",                     "context": "Organizational",                     "contextId": 546628,                     "contextName": "Talia Playground",                     "contextToken": "b1e0da1542714765af9734f154c90f4a36da27750a2a4d4d96f046327bb13355"                 }             ]         }     ] }

Back to top.

Project

Get all custom attributes with their values for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns custom attributes with their values for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

Request Example

1 2 3 4 5 {   "requestType":"getProjectCustomAttributeValues",   "userKey": "user_key",   "projectToken": "project_token"  }

Response Example

The response is a JSON collection of all the custom attributes with their values for the specific project. For example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 {     "libraries": [         {             "keyUuid": "541df6e9-a095-4ca1-9252-13696ae290dc",             "customAttributeValues": [                 {                     "organizationAttr0": "valueX",           "context": "Organizational",           "contextId": 2133534,           "contextToken": "45345345fdgdfgdfjghjlklsdf7",           "contextName": "ACME Corporation"         },         {          "productAttr1": "valueA",          "context": "Product",          "contextId": 989795,          "contextToken": "isdfsdfkh30osdf935pokwt",          "contextName": "Product A"         },         {          "projectAtt2": "value",          "context": "Project",          "contextId": 985743395,          "contextToken": "ldshwufnvo59332hfjgdg0",          "contextName": "Project A"        }     ]   } ]

Back to top.

Get Library Location Report

The Library Location report enables you to view libraries according to the location of the filename match. For details, see Matching Libraries by Filename.

NOTE: Matching libraries by filename must first be enabled via the Admin Integration Page.

This API request enables you to get organization or product-level library location reports in Excel format.

Organization

Get a report of all library locations for an organization in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns all library locations for a specific organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getOrganizationLibraryLocationReport",      "userKey": "user_key",     "orgToken" : "organization_api_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get a report of all library locations for a specific product in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns library locations for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductLibraryLocationReport",      "userKey": "user_key",     "productToken" : "product_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Get License Compatibility Report

License compatibility is a legal framework that allows for libraries with different software licenses to be distributed together in the same product or project. The License Compatibility Report provides information on the incompatibility of library licenses in a project or product. 

Product

Get the compatibility of libraries with different software licenses distributed together in the same product, in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a compatibility report of library licenses in a product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductLicenseCompatibilityReport",     "productToken" : "product_token",     "userKey": "user_key" }

Response Format 

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename*=UTF-8''<Product Name>-license-compatibility-report.xlsx

Project

Get the compatibility of libraries with different software licenses distributed together in the same project, in Excel format. 

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a compatibility report of library licenses in a project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProjectLicenseCompatibilityReport",     "projectToken" : "project_token",     "userKey": "user_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename*=UTF-8''<Project Name>-license-compatibility-report.xlsx

Back to top.

Get Effective Licenses Report

The Effective Licenses report tracks the assignments of licenses to libraries in the inventory. Once a license is selected by a user, it will be considered that library's "effective" license from then on. This report shows information about actual library licensing and its original licenses.

This API request enables you to get organization or product-level Effective Licenses reports in Excel or XML format.

Organization

Get a report of all Effective Licenses for an organization in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns all Effective Licenses for a specific organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getOrganizationEffectiveLicensesReport",      "userKey": "user_key",     "orgToken" : "organization_api_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get a report of all Effective Licenses for a product in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns all Effective Licenses for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductEffectiveLicensesReport",      "userKey": "user_key",     "productToken" : "product_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Get In-House Report

The In-House report provides information on all the In-House libraries in the selected scope. 

This API request enables you to get organization, product, and project level in-house report(s) in Excel format.

Organization

Get a report about all In-House libraries in an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report about all In-House libraries for a specific organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getOrganizationInHouseReport",     "orgToken" : "organization_api_key",     "userKey": "user_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>-in-house-report.xlsx

Back to top.

Product

Get a report about all In-House libraries in a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report about all In-House libraries in a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductInHouseReport",     "productToken" : "product_token",     "userKey": "user_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>-in-house-report.xlsx

Back to top.

Project

Get a report about all In-House libraries in a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report about all In-House libraries in a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProjectInHouseReport",     "projectToken" : "project_token",     "userKey": "user_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>-in-house-report.xlsx

Back to top.

Get Risk Report

The Risk report provides a view of all aspects of the account's open-source libraries; security, quality and compliance. It can display libraries by organization, as well as by product (application). For details, see the Risk Report.

This API request enables you to export organization, product, or project-level risk reports in PDF format.

Organization

Get Risk report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report about risk in an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getOrganizationRiskReport",      "userKey": "user_key",     "orgToken" : "organization_api_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/pdf

  • Content-Disposition: attachment; filename=<organization name>.pdf

Back to top.

Product

Get Risk report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a risk report for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductRiskReport",      "userKey": "user_key",     "productToken" : "product_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/pdf

  • Content-Disposition: attachment; filename=<product name>.pdf

Back to top.

Project

Get Risk report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a risk report for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProjectRiskReport",      "userKey": "user_key",     "projectToken" : "project_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/pdf

  • Content-Disposition: attachment; filename=<project name>.pdf

Back to top.

Get Vulnerabilities Report

The Vulnerabilities Report contains all relevant information about your vulnerabilities, such as, severity, number of occurrences, library which was found vulnerable, and so on.

This API request enables you to get organization, product or project-level reports in Excel or JSON format.

Organization

Get Vulnerabilities report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Vulnerabilities report for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationReport",     "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get Vulnerabilities report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Vulnerabilities report for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductReport",     "userKey": "user_key",     "productToken" : "product_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Vulnerabilities report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Vulnerabilities report for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectReport",      "userKey": "user_key",     "projectToken" : "project_token",     "format" : "json" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Container Vulnerabilities Report

This report displays the vulnerabilities per pod, namespace, and cluster. Users can filter specific resources according to their context in the cluster. For details, see https://whitesource.atlassian.net/wiki/pages/createpage.action?spaceKey=WD&title=Container%20Vulnerabilities%20Report&linkCreation=true&fromPageId=1730543766 .

This API request enables you to get Container Vulnerabilities reports at the organizational and cluster level, in Excel or JSON format.

Organization

Get Container Vulnerabilities report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Container Vulnerabilities report for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationContainerReport",      "userKey": "user_key",     "orgToken" : "org_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Cluster

Get Container Vulnerabilities report for a cluster.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Container Vulnerabilities report at the Cluster level.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getClusterReport",     "userKey": "user_key",     "productToken" : "product_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<cluster name>.xlsx

Back to top.

Get Effective Usage Analysis Report

This API request provides comprehensive analysis results using Effective Usage Analysis (EUA) for selected projects in an organization. 

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns analysis results for all applicable projects in a specified organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {    "requestType":"getOrganizationEffectiveUsageAnalysis",    "userKey":"user_key",    "orgToken":"organization_api_key" }

Response Example

The API response shows the analysis results (JSON format) for all applicable projects in the specified organization (by product). For example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 {     "analysisReportDate": "2021-01-24",     "orgName": "org_name",     "products": [         {             "projects": [                 {                     "libraries": [                         {                             "name": "xstream-1.4.10.jar",                             "keyUuid": "8b0f1465-7a32-4aab-b8c7-3a27ad3ec595",                             "groupId": "com.thoughtworks.xstream",                             "artifactId": "xstream",                             "version": "1.4.10",                             "sha1": "dfecae23647abc9d9fd0416629a4213a3882b101",                             "analysisDateTime": "2020-09-15",                             "impactAnalysisStatus": "DATA_UNAVAILABLE",                             "impactAnalysisResult": "High (1?);Medium (0)",                             "resultingShield": "GREY",                             "vulnerabilities": [                                 {                                     "name": "CVE-2020-26258",                                     "type": "CVE",                                     "severity": "medium",                                     "score": 5.0,                                     "publishDate": "2020-12-16",                                     "url": "https://vuln.whitesourcesoftware.com//CVE-2020-26258",                                     "description": "XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request  can be activated when unmarshalling. The  may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported  does not exist if running Java 15 or higher. No user is affected who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the . Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories.",                                     "topFix": {                                         "": "CVE-2020-26258",                                         "type": "CHANGE_FILES",                                         "origin": "GITHUB_COMMIT",                                         "url": "https://github.com/x-stream/xstream/commit/ecc111cf22039eb9edcaec68dec05506b67e9382",                                         "fixResolution": "Replace or update the following files: website.xml, CVE-2020-26258.html, changes.html, security.html",                                         "date": "2020-12-18",                                         "message": "Fix and document CVE-2020-26258."                                     },                                     "impactAnalysis": {                                         "references": []                                     }                                 },                                 ......                                

Back to top.

Get Alerts Report

The Alerts report presents you with valuable information about the libraries (components) in your products and organizations.

This API request enables you to export organization, product or project-level source file alert reports in Excel (xlsx), XML (xml) or JSON (json) format.

Organization

Get Alerts report for an organization.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all the alerts in an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationAlertsReport",     "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "xlsx" }

Response in Excel Format

The response to the above example in xlsx format will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Response in XML Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 <?xml version="1.0" encoding="UTF-8"?> <alerts>     <alert>         <creationTime>15-12-2020</creationTime>         <level>Error</level>         <type>Policy Violation</type>         <library>json-1.8.3.gem</library>         <description>Reject effective high sev</description>         <occurrences>             <product>                 <id>828898</id>                 <name>GH_cloudify-cli</name>                 <projects>                     <project>                         <id>2756788</id>                         <name>GH_cloudify-cli</name>                     </project>                 </projects>             </product>         </occurrences>         <librarytype>Ruby</librarytype>     

Response in JSON Format

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 {     "alerts": [         {             "type": "REJECTED_BY_POLICY_RESOURCE",             "level": "MAJOR",             "library": {                 "keyUuid": "9b64843f-30f8-495f-be41-80601c190380",                 "filename": "json-1.8.3.gem",                 "type": "RUBY_GEM",                 "description": "This is a JSON implementation as a Ruby extension in C.",                 "sha1": "dcd00a477bbb8c0c722f68f9c28bc8460a7b1d6f",                 "name": "json",                 "artifactId": "json-1.8.3.gem",                 "version": "1.8.3",                 "groupId": "json",                 "architecture": "",                 "languageVersion": ""             },             "product": "GH_cloudify-cli",             "project": "GH_cloudify-cli",             "directDependency": false,             "description": "Reject effective high sev",             "creation_date": "2020-12-15 14:48:33",             "lastUpdatedDate": "2020-12-15 14:48:33"         },         .......         

Back to top.

Product

Get Alerts report for a product.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all the alerts in a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductAlertsReport",     "userKey": "user_key",     "productToken" : "product_token",     "format" : "xlsx" }

Response Format

The response to the above request example (xlsx format) will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Alerts report for a project.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all the alerts in a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectAlertsReport",     "userKey": "user_key",     "projectToken" : "project_token",     "format" : "xlsx" }

Response Format

The response to the above request example (xlsx format) will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Ignored Alerts Report

This API request enables you to get an organization, product or project-level Ignored Alerts report, in Excel format.

Organization

Get Ignored Alerts report for an organization.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all Ignored Alerts in an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or xml.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationIgnoredAlertsReport",     "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get Ignored Alerts report for a product.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all Ignored Alerts in a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or xml.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductIgnoredAlertsReport",     "userKey": "user_key",     "productToken" : "product_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Ignored Alerts report for a project.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all Ignored Alerts in a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or xml.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectIgnoredAlertsReport",     "userKey": "user_key",     "projectToken" : "project_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Alert Resolution Duration Report

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

This API request enables you to get reports on alerts that were resolved, at the organization, product or project-level.

Organization

Get Resolved Alerts report for an organization.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all Resolved Alerts in an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or xml.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getOrganizationResolvedAlertsReport",     "userKey": "user_key",     "orgToken" : "organization_api_key",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get Resolved Alerts report for a product.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all Resolved Alerts in a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or xml.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProductResolvedAlertsReport",     "userKey": "user_key",     "productToken" : "product_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Resolved Alerts report for a project.

NOTE: For customers who have enabled -based Alerting (see Security Alerts: View By ), this API will not be available.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report for all Resolved Alerts in a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

format

Requested format of the report. Options are: xlsx (default) or xml.

string

Yes

Request Example

1 2 3 4 5 6 {     "requestType" : "getProjectResolvedAlertsReport",     "userKey": "user_key",     "projectToken" : "project_token",     "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Change Log History Report

The Change Log History report provides up-to-date details on manual changes made by either WhiteSource or its users. This report can only be accessed by the organization's administrator(s).

This API request enables you to get organization-level Change Log History in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a Change Log History report for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType":"getChangeLogHistoryReport"  "userKey": "user_key",     "orgToken": "organization_api_key", }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=response.xlsx

Back to top.

Get Request History Report

This report lists all the organization's requests in all statuses.

This API request enables you to get organization, product or project-level request history reports in Excel format.

Organization

Get Request History report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a history report of all requests for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getOrganizationRequestHistoryReport",      "userKey": "user_key",     "orgToken" : "organization_api_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get Request History report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a history report of all requests for a specific product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductRequestHistoryReport",     "userKey": "user_key",     "productToken" : "product_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Request History report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a history report of all requests for a specific project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProjectRequestHistoryReport",      "userKey": "user_key",     "projectToken" : "project_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Plugin Request History Report

The Plugin Request History report shows the details of all plugin update requests for an organization, including whether or not there were policy violations.

This API request enables you to get a history report of an organization’s plugin update requests, in Excel format.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a history report of all plugin update requests for an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getPluginRequestHistoryReport",      "userKey": "user_key",     "orgToken" : "organization_api_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Get Members Report

This report provides information about the members in an organization, such as, email address and number of pending requests assigned to them.  

This API request enables you to get Members reports at the organization, product or project-level, in Excel format.

Organization

Get Members report for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report of all members in an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getOrganizationMembersReport",      "userKey": "user_key",     "orgToken" : "organization_api_key" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>.xlsx

Back to top.

Product

Get Members report for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report of all members in a product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProductMembersReport",      "userKey": "user_key",     "productToken" : "product_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>.xlsx

Back to top.

Project

Get Members report for a project.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report of all members in a project.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

projectToken

API key which is a unique identifier of the project.

string

Yes

Request Example

1 2 3 4 5 {     "requestType" : "getProjectMembersReport",      "userKey": "user_key",     "projectToken" : "project_token" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<project name>.xlsx

Back to top.

Get Security Alerts by Report

NOTE: This API is only supported in organizations that have -based Alerting installed (see Security Alerts: View By ).

This API request generates a security alerts report detailed by , in the scope of the organization, a specific product or a specific project. 

Organization

Get security alerts by for an organization.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report of all security alerts by in an organization.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

orgToken

API key which is a unique identifier of the organization.

string

Yes

status

Yes status of the alerts: Active, Ignored or Resolved. By default, all statuses are returned.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 7 { "requestType" : "getOrganizationSecurityAlertsByReport", "userKey": "user_key", "orgToken" : "organization_api_key", "status" : "active", "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<organization name>-alerts-report.xlsx

Back to top.

Product

Get security alerts by for a product.

QUERY PARAMETERS

Parameter

Description

Type

Required

Parameter

Description

Type

Required

requestType

API request type that returns a report of all security alerts by for a product.

string

Yes

userKey

The ID of the user’s profile, which uniquely identifies the user in WhiteSource.

string

Yes

productToken

API key which is a unique identifier of the product.

string

Yes

status

Yes status of the alerts: Active, Ignored or Resolved. By default, all statuses are returned.

string

Yes

format

Requested format of the report. Options are: xlsx (default), xml, or json.

string

Yes

Request Example

1 2 3 4 5 6 7 { "requestType" : "getProductSecurityAlertsByReport", "userKey": "user_key", "productToken" : "product_token", "status" : "ignored", "format" : "xlsx" }

Response Format

The response will have the following headers:

  • Content-Type = application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

  • Content-Disposition: attachment; filename=<product name>-alerts-report.xlsx

Back to top.

Project

Get security alerts by for a project.

QUERY PARAMETERS

Parameter

Description