get
/public_api/v1/assets/{assetID}/sbom
Get an SBOM (Software Bill of Materials) report for the specified asset. You can specify the format and version of the SBOM, as well as which attribute you would like included.
Required license: Cortex Cloud Runtime Security. In Cortex Cloud Posture Management, requires the Cortex Cloud Runtime Security add-on.
Path parameters
assetID
String
required
ID of the asset of which you want to export the SBOM
ID of the asset of which you want to export the SBOM
Example:
assetID_example
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
Query parameters
format
String
The format in which the SBOM is to be exported.
The format in which the SBOM is to be exported.
Allowed values:
XML
JSON
Example:
format_example
output_format
String
The version of the SBOM format to be used.
The version of the SBOM format to be used.
Allowed values:
CycloneDX 1.4
SPDX
Example:
outputFormat_example
attributes
String
The list of attributes to be included in the SBOM. If not specified, all fields are included except Type and Name, which are always included.
The list of attributes to be included in the SBOM. If not specified, all fields are included except Type and Name, which are always included.
Allowed values:
PURL
Author
Version
License
Source Package
Binaries
Example:
attributes_example
CLIENT REQUEST
curl -X 'GET'
-H
'Accept: application/xml,application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/v1/assets/{assetID}/sbom?format=format_example&output_format=outputFormat_example&attributes=attributes_example'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241"
}
conn.request("GET", "/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.send(data);HttpResponse<String> response = Unirest.get("https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241"
]
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/assets/%7BassetID%7D/sbom?format=SOME_STRING_VALUE&output_format=SOME_STRING_VALUE&attributes=SOME_STRING_VALUE");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
IRestResponse response = client.Execute(request);Responses
OK. The request was successful, and the SBOM data is returned in the specified format.
Body
application/xml
stringbinary
RESPONSE
<root>[binary file]</root>
Bad Request. The request was malformed, missing the required parameters, or the Asset ID provided does not support SBOM Export.
Body
application/json
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}The API key provided is invalid or missing.
Body
application/json
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}Forbidden. The API key does not have the necessary permissions to access the requested resource.
Body
application/json
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}The specified asset was not found.
Body
application/json
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}An error occurred on the server while processing the request.
Body
application/json
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}