Container Image API 2.0 - Use with Postman

Overview

The easiest way to get started with the Container Image API 2.0 is to use it inside an API platform tool like Postman.

Mend Tip: We recommend reading our Getting started with Mend’s Container Image API 2.0 documentation to understand the API’s basic functionality before diving into this implementation article.

Getting it done

Prerequisites before using the Mend Container Image API in Postman

Download and install Postman.
Import Mend’s SCA API 2.0 into Postman.
Copy and save Mend’s Container Image API 2.0 locally in a JSON-formatted file.

Configure the Mend Container Image API in Postman

Step One: Import the Container Image API as a Postman Collection

Once you download the Container Image API JSON, you will import it into Postman as a Collection.

Mend Tip: Before proceeding, change the “host" parameter value within your Container Image API JSON from "baseUrl" to your Mend API server instance.
For example: "host": "api-saas.mend.io"

Open your Postman instance.
Find and click on Collections → Import:
A new window will appear, prompting you to import data. “Drop” or “Select” the Container Image API JSON file that you saved during the prerequisite steps:
The “Choose how to import your API” window will appear. select Postman Collection.
Select View Import Settings:
Within Import Settings:
- Set Folder organization to Tags:
- Enable Always inherit authentication:
Scroll up to the top of the window and click on the back arrow next to Import Settings:
In the “Choose how to import your API” window, click on the Import button:

Congratulations! You have successfully imported the Container Image API into Postman as a Collection.

Step Two: Authenticate via the SCA API

In order to use the Container Image API, you must first authenticate via the SCA API using the SCA Login API request.

Create Postman environment variables for the SCA Login API request body, for example:
CODE
```
{
  "email": "{{email}}",
  "orgToken": "{{apiKey}}",
  "userKey": "{{userKey}}"
}
```

Run the SCA Login API request. It will return two required authentication values for the Container Image API: JWT token and orgUUID.

Mend Tip: Insert the Postman Test Script below to automate the Postman global environment variable creation and setting of your authentication values (JWT token and orgUUID) returned by the SCA Login API request:

CODE

let responseData = pm.response.json();

// Set JWT Token Environment Variable
var responseToken = responseData["retVal"]["jwtToken"];
pm.environment.set("jwtToken", responseToken);

// Set Org UUID Environment Variable
var responseUuid = responseData["retVal"]["orgUuid"];
pm.environment.set("orgUuid", responseUuid);

Step Three: Switch over to the Container Image API URL

Now that you’ve signed in via the SCA Login API, it’s time to switch over to the Container Image API URL and explore the multiple endpoints offered: Mend Container Image REST API 2.0

Run Mend Container Image API requests in Postman

Container Images API Example: "Get Images"

The Get Images API request returns all of the images scanned by Mend within your organization.

Here is an example Get Images API request with the orguuid Path Variable value set using a Postman environment variable:

Let’s add some supported query parameters to make this Get Images request more detailed:

Note: Query Params are set by default with placeholders. We recommend removing the placeholder or disabling the parameter in the instance you are not going to use it, or, change it to a valid value.

By clicking on the Send button, we run the Get Images API request and it returns data for our example: