Assign License to Package

{
  "spdxId": "MIT"
}

{
  "success": true,
  "message": "License assigned successfully"
}

PUT

project

{projectId}

sca

packages

{packageId}

license

{
  "spdxId": "MIT"
}

{
  "success": true,
  "message": "License assigned successfully"
}

Path Parameters

projectId

string

required

The UUID of the project

packageId

string

required

The UUID of the SCA package

Authorization

Requires change_vulnerability_state permission on the project.

Request Body

spdxId

string

required

The SPDX license identifier to assign (e.g., MIT, Apache-2.0, GPL-3.0-only)

{
  "spdxId": "MIT"
}

Response

success

boolean

Whether the request succeeded

message

string

Confirmation message

{
  "success": true,
  "message": "License assigned successfully"
}

Assigning a license to a package that was previously categorized as Unknown will remove the Unknown placeholder and update the package’s license list. This is particularly useful for internal packages or packages whose license metadata is missing from the registry.

Get Packages by License Toggle Package License Ignore

Getting Started

Organization

Project

Team

User

Scanning

Vulnerabilities

SCA Licenses

Reports & Statistics

AI Agent

Policy Management

Source Code Integrations

Container Registries

SSO

Path Parameters

Authorization

Request Body

Response

Getting Started

Organization

Project

Team

User

Scanning

Vulnerabilities

SCA Licenses

Reports & Statistics

AI Agent

Policy Management

Source Code Integrations

Container Registries

SSO

​Path Parameters

​Authorization

​Request Body

​Response

Path Parameters

Authorization

Request Body

Response