Skip to main content
POST
/
v1
/
assessments
Create an assessment
curl --request POST \
  --url https://api.app.chainloop.dev/v1/assessments \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "external_id": "<string>",
  "products": [
    {
      "purl_glob": "purl_glob"
    }
  ],
  "status": "ASSESSMENT_STATUS_UNSPECIFIED",
  "justification_code": "ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED",
  "note": "<string>",
  "creator_type": "ASSESSMENT_CREATOR_TYPE_UNSPECIFIED",
  "project_name": "<string>",
  "project_version_name": "<string>"
}
'
{
  "result": {
    "justification_code": "ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED",
    "note": "note",
    "creator_type": "ASSESSMENT_CREATOR_TYPE_UNSPECIFIED",
    "created_at": "2000-01-23T04:56:07.000Z",
    "external_id": "external_id",
    "project_version_id": "project_version_id",
    "created_by": {
      "intercom_hash": "intercom_hash",
      "created_at": "2000-01-23T04:56:07.000Z",
      "last_name": "last_name",
      "id": "id",
      "first_name": "first_name",
      "email": "email",
      "instance_admin": true
    },
    "products": [
      {
        "purl_glob": "purl_glob"
      },
      {
        "purl_glob": "purl_glob"
      }
    ],
    "updated_at": "2000-01-23T04:56:07.000Z",
    "project_id": "project_id",
    "finding_ids": [
      "finding_ids",
      "finding_ids"
    ],
    "organization_id": "organization_id",
    "scope": "ASSESSMENT_SCOPE_UNSPECIFIED",
    "id": "id",
    "status": "ASSESSMENT_STATUS_UNSPECIFIED"
  }
}

Authorizations

Authorization
string
header
required

Bearer token for authentication

Body

application/json

Request to create an assessment

Request to create an assessment

external_id
string

Vulnerability or advisory identifier (e.g. CVE-2024-1234)

products
AssessmentProduct represents a PURL glob entry in the products field · object[]

PURL globs identifying affected products

status
enum<string>
default:ASSESSMENT_STATUS_UNSPECIFIED
Available options:
ASSESSMENT_STATUS_UNSPECIFIED,
ASSESSMENT_STATUS_NOT_AFFECTED,
ASSESSMENT_STATUS_AFFECTED,
ASSESSMENT_STATUS_UNDER_INVESTIGATION,
ASSESSMENT_STATUS_FIXED
justification_code
enum<string>
default:ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED
Available options:
ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED,
ASSESSMENT_JUSTIFICATION_CODE_COMPONENT_NOT_PRESENT,
ASSESSMENT_JUSTIFICATION_CODE_VULNERABLE_CODE_NOT_PRESENT,
ASSESSMENT_JUSTIFICATION_CODE_VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY,
ASSESSMENT_JUSTIFICATION_CODE_VULNERABLE_CODE_NOT_IN_EXECUTE_PATH,
ASSESSMENT_JUSTIFICATION_CODE_INLINE_MITIGATIONS_ALREADY_EXIST
note
string

Free-text note

creator_type
enum<string>
default:ASSESSMENT_CREATOR_TYPE_UNSPECIFIED
Available options:
ASSESSMENT_CREATOR_TYPE_UNSPECIFIED,
ASSESSMENT_CREATOR_TYPE_USER,
ASSESSMENT_CREATOR_TYPE_AI_ASSISTED
project_name
string

Project name

project_version_name
string

Project version name (when scoping to a specific version)

Response

A successful response.

Response for Create method

result
AssessmentItem · object

Full representation of a security assessment

Example:
{
  "justification_code": "ASSESSMENT_JUSTIFICATION_CODE_UNSPECIFIED",
  "note": "note",
  "creator_type": "ASSESSMENT_CREATOR_TYPE_UNSPECIFIED",
  "created_at": "2000-01-23T04:56:07.000Z",
  "external_id": "external_id",
  "project_version_id": "project_version_id",
  "created_by": {
    "intercom_hash": "intercom_hash",
    "created_at": "2000-01-23T04:56:07.000Z",
    "last_name": "last_name",
    "id": "id",
    "first_name": "first_name",
    "email": "email",
    "instance_admin": true
  },
  "products": [
    { "purl_glob": "purl_glob" },
    { "purl_glob": "purl_glob" }
  ],
  "updated_at": "2000-01-23T04:56:07.000Z",
  "project_id": "project_id",
  "finding_ids": ["finding_ids", "finding_ids"],
  "organization_id": "organization_id",
  "scope": "ASSESSMENT_SCOPE_UNSPECIFIED",
  "id": "id",
  "status": "ASSESSMENT_STATUS_UNSPECIFIED"
}