Mend SCA API 2.0 - Roles and permissions

Overview

In this article, we cover the Mend roles and their permissions to use SCA API 2.0 for the organization and product scopes from the Mend Application, using the following legend:

| Value | Description |
| --- | --- |
| (tick) | Yes, no limitations |
| (warning) | Yes, with limitations |
| (error) | No, no exceptions |

A “read-only” API endpoint lets you retrieve data or access information but does not permit any modifications, updates, or deletions to the data. An “alteration” API endpoint is the opposite: it allows you to create, update, or delete records, alter configurations, or modify the state of data within your defined scope(s).

Tip: To obtain this information via API 2.0, use our Get All Available Permissions Grouped By Roles endpoint.

Reference

Mend SCA API 2.0 - Service user permissions

When a service user is initially created in the Mend Application, they are automatically added to the default Mend “users” group, which has the Organization Member role.

| User Type | Generate JWT Token | Run “read-only” API 2.0 endpoints | Run “alteration” API 2.0 endpoints |
| --- | --- | --- | --- |
| Service user | (tick) | (warning) For scopes without assigned roles | (error) |

Mend SCA API 2.0 - Mend default groups permissions

Mend has two pre-defined user groups, admins and users.

  • admin - Organization Administrator role

  • users - Organization Member role

| Group | Generate JWT Token | Run “read-only” API 2.0 endpoints | Run “alteration” API 2.0 endpoints |
| --- | --- | --- | --- |
| admin | (tick) | (tick) | (tick) |
| users | (tick) | (warning) For scopes without assigned roles | (error) |

Mend SCA API 2.0 - Organization-level roles permissions

| Role | Generate JWT Token | Run “read-only” API 2.0 endpoints | Run “alteration” API 2.0 endpoints |
| --- | --- | --- | --- |
| Alert Ignorers | (tick) | (warning) For scopes without assigned roles | (warning) Only “ignore alert” endpoints |
| Auditors | (tick) | (warning) For scopes without assigned roles | (error) |
| Default Approvers | (tick) | (tick) | (error) |
| License and Copyright Assigners | (tick) | (warning) For scopes without assigned roles | (warning) Only “license and copyright assignment” endpoints |
| New Alert Email Receivers | (tick) | (warning) For scopes without assigned roles | (error) |
| Organization Administrators | (tick) | (tick) | (tick) |
| Organization Members | (tick) | (warning) For scopes without assigned roles | (error) |

Mend SCA API 2.0 - Product-level roles permissions

| Role | Generate JWT Token | Run “read-only” API 2.0 endpoints | Run “alteration” API 2.0 endpoints |
| --- | --- | --- | --- |
| Product Administrators | (tick) | (warning) Only for their assigned product(s) | (warning) Only for their assigned product(s) |
| Product Alert Ignorers | (tick) | (warning) Only for their assigned product(s) | (error) |
| Product Approver | (tick) | (warning) Only for their assigned product(s) | (warning) Only “ignore alert” endpoints for their assigned product(s) |
| Product Assignment | (tick) | (warning) Only for their assigned product(s) | (warning) Only “license and copyright assignment” endpoints for their assigned product(s) |
| Product Integrators | (tick) | (warning) Only for their assigned product(s) | (error) |
| Product New Alert Email Receivers | (tick) | (warning) Only for their assigned product(s) | (error) |
