Skip to main content
POST
/
v1
/
findings
/
ingest-sbom
Ingest SBOM findings
curl --request POST \
  --url https://api.app.chainloop.dev/v1/findings/ingest-sbom \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "project_version_id": "<string>",
  "digest": "<string>"
}
'
{
  "evidence_id": "evidence_id"
}

Authorizations

Authorization
string
header
required

Bearer token for authentication

Body

application/json

Request to ingest CycloneDX SBOM-embedded vulnerabilities as findings

Request to ingest CycloneDX SBOM-embedded vulnerabilities as findings

project_version_id
string

ID of the project version the findings will be bound to

digest
string

CAS digest of the CycloneDX SBOM evidence already attached to the project version (e.g. sha256:...)

Response

A successful response.

Response for the IngestSBOMFindings method

evidence_id
string

ID of the evidence whose embedded vulnerabilities are being ingested