> ## Documentation Index > Fetch the complete documentation index at: https://docs.chainloop.dev/llms.txt > Use this file to discover all available pages before exploring further. # List software components > List the software components (SBOM) registered in your organization, optionally filtered by project version or product version. ## OpenAPI ````yaml https://api.app.chainloop.dev/openapi.yaml get /v1/components openapi: 3.0.1 info: contact: email: support@chainloop.dev name: Chainloop Support url: https://chainloop.dev termsOfService: https://chainloop.dev/terms title: Chainloop Platform API version: '1.0' servers: - url: https://api.app.chainloop.dev/ security: - bearerToken: [] tags: - description: AI-powered agent operations name: AgentsService - name: ArtifactService - name: AssessmentService - description: Service for polling the status of asynchronous operations name: AsyncOperationsService - name: AttestationsService - name: PolicyService - name: ComplianceService - name: ComponentService - name: EnvironmentsService - name: EvidenceService - name: FindingService - name: LogicalEnvironmentsService - name: ProductsService - name: ProjectsService - name: UserService externalDocs: description: Chainloop Official Documentation url: https://docs.chainloop.dev paths: /v1/components: get: tags: - ComponentService summary: List software components description: >- List the software components (SBOM) registered in your organization, optionally filtered by project version or product version. operationId: ComponentService_List parameters: - description: ProjectName is the name of the project to filter by in: query name: project_name schema: type: string - description: ProjectVersionName is the name of the project version to filter by in: query name: project_version_name schema: type: string - description: |- ProductID is the ID of the product to filter by ID of the product to filter components by in: query name: product_id schema: type: string - description: >- ProductVersionID is the ID of the product version to filter by ID of the product version to filter components by. Must be provided with product_id in: query name: product_version_id schema: type: string - description: |- The cursor to start pagination from The cursor to start pagination from in: query name: pagination.cursor schema: type: string - description: |- The limit of the number of entries to return The maximum number of entries to return in: query name: pagination.limit schema: default: 10 format: int32 type: integer - description: |- Search provides a way to search components by name or purl Search term to filter components by name or purl in: query name: search schema: type: string - description: >- IsMainComponent is a flag to filter by the main component property Return either main components or child components, if not set we'll return all components in: query name: main_component schema: type: boolean - description: >- Filter by whether the component has at least one linked active finding. Requires a project version scope. in: query name: vulnerable schema: type: boolean - description: >- Filter by whether the component has at least one linked active finding with a fix available. Requires a project version scope. in: query name: fixable schema: type: boolean - description: >- Filter by whether the component has at least one linked active finding tied to a CISA KEV vulnerability. Requires a project version scope. in: query name: exploitable schema: type: boolean responses: '200': content: application/json: schema: $ref: '#/components/schemas/v1ComponentServiceListResponse' description: A successful response. '400': content: application/json: schema: $ref: '#/components/schemas/v1BadRequestResponse' description: Bad Request - The request was invalid or cannot be served. '401': content: application/json: schema: $ref: '#/components/schemas/v1UnauthorizedResponse' description: Unauthorized - Authentication is required. '403': content: application/json: schema: $ref: '#/components/schemas/v1PermissionDeniedResponse' description: Forbidden - You do not have permission to access this resource. '500': content: application/json: schema: $ref: '#/components/schemas/v1InternalServerErrorResponse' description: Internal Server Error - An unexpected error occurred on the server. default: content: application/json: schema: $ref: '#/components/schemas/rpcStatus' description: An unexpected error response. components: schemas: v1ComponentServiceListResponse: description: Response for the List method example: pagination: next_cursor: next_cursor results: - component_type: component_type children: - null - null name: name cpe: cpe created_at: '2000-01-23T04:56:07.000Z' id: id purl: purl findings_summary: total: 0 high: 1 critical: 6 low: 5 medium: 5 unknown: 2 version: version auto_generated_purl: true parents: - null - null - component_type: component_type children: - null - null name: name cpe: cpe created_at: '2000-01-23T04:56:07.000Z' id: id purl: purl findings_summary: total: 0 high: 1 critical: 6 low: 5 medium: 5 unknown: 2 version: version auto_generated_purl: true parents: - null - null properties: results: items: $ref: '#/components/schemas/v1ComponentItem' title: Results is the list of components type: array pagination: $ref: '#/components/schemas/v1CursorPaginationResponse' title: ComponentServiceListResponse type: object v1BadRequestResponse: description: Response for bad request example: code: 0 details: - details - details message: message properties: code: default: 3 description: >- The error code indicating the type of error. It's fixed to 3, which is the code for INVALID_ARGUMENT. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: BadRequestResponse type: object v1UnauthorizedResponse: description: Response for unauthorized access example: code: 6 details: - details - details message: message properties: code: default: 16 description: >- The error code indicating the type of error. It's fixed to 16, which is the code for UNAUTHENTICATED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: UnauthorizedResponse type: object v1PermissionDeniedResponse: description: Response for permission denied example: code: 1 details: - details - details message: message properties: code: default: 7 description: >- The error code indicating the type of error. It's fixed to 7, which is the code for PERMISSION_DENIED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: PermissionDeniedResponse type: object v1InternalServerErrorResponse: description: Response for internal server error example: code: 5 details: - details - details message: message properties: code: default: 13 description: >- The error code indicating the type of error. It's fixed to 13, which is the code for INTERNAL_ERROR. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: InternalServerErrorResponse type: object rpcStatus: example: code: 5 details: - '@type': '@type' - '@type': '@type' message: message properties: code: format: int32 type: integer message: type: string details: items: $ref: '#/components/schemas/protobufAny' type: array type: object v1ComponentItem: description: It represents an item in the list of components example: component_type: component_type children: - null - null name: name cpe: cpe created_at: '2000-01-23T04:56:07.000Z' id: id purl: purl findings_summary: total: 0 high: 1 critical: 6 low: 5 medium: 5 unknown: 2 version: version auto_generated_purl: true parents: - null - null properties: id: description: Unique identifier of the component title: ID is the unique identifier of the component type: string purl: description: Package URL of the component title: PURL is the Package URL of the component type: string name: description: Name of the component title: Name is the name of the component type: string version: description: Version of the component title: Version is the version of the component type: string component_type: description: Type of the component (e.g., library, application) title: >- ComponentType is the type of the component (e.g., library, application) type: string cpe: description: CPE identifier of the component title: CPE is the CPE identifier of the component type: string created_at: description: Timestamp when the component was created format: date-time title: CreatedAt is the timestamp when the component was created type: string auto_generated_purl: description: >- Indicates if the PURL was automatically generated by Chainloop (vs. provided in SBOM) title: >- AutoGeneratedPurl indicates if the PURL was automatically generated by Chainloop type: boolean parents: description: >- Parent components (e.g., container images) that include this component as a dependency. Empty for main components. Only populated in Describe responses. items: $ref: '#/components/schemas/v1ComponentItem' title: >- Parents is the list of parent components (main components) that include this component as a dependency type: array children: description: >- Child components (dependencies) of this component. Empty for leaf components. Only populated in Describe responses. items: $ref: '#/components/schemas/v1ComponentItem' title: >- Children is the list of child components (dependencies) of this component type: array findings_summary: $ref: '#/components/schemas/v1ComponentFindingsSummary' title: ComponentItem type: object v1CursorPaginationResponse: description: Pagination information for cursor-based pagination example: next_cursor: next_cursor properties: next_cursor: description: The next cursor to start pagination from title: The next cursor to start pagination from type: string title: CursorPaginationResponse type: object protobufAny: additionalProperties: type: object example: '@type': '@type' properties: '@type': type: string type: object v1ComponentFindingsSummary: description: Per-severity active finding counts for a software component example: total: 0 high: 1 critical: 6 low: 5 medium: 5 unknown: 2 properties: total: description: Total active findings linked to the component format: int32 type: integer critical: description: Critical-severity active findings format: int32 title: Critical-severity active findings type: integer high: description: High-severity active findings format: int32 title: High-severity active findings type: integer medium: description: Medium-severity active findings format: int32 title: Medium-severity active findings type: integer low: description: Low-severity active findings format: int32 title: Low-severity active findings type: integer unknown: description: Findings with unknown severity format: int32 title: Findings with severity unknown / unclassified type: integer title: ComponentFindingsSummary type: object securitySchemes: bearerToken: description: Bearer token for authentication type: http scheme: bearer bearerFormat: JWT ````