Get License Summary

curl --request GET \
  --url https://api.example.com/project/{projectId}/results/sca/licenses/summary

{
  "success": true,
  "data": {
    "projectId": "550e8400-e29b-41d4-a716-446655440001",
    "totalPackages": 142,
    "packagesWithLicenses": 135,
    "packagesWithoutLicenses": 7,
    "permissiveCount": 120,
    "weakCopyleftCount": 8,
    "strongCopyleftCount": 3,
    "unknownCount": 7,
    "ignoredCount": 4,
    "licenses": [
      {
        "spdxId": "MIT",
        "name": "MIT License",
        "category": "PERMISSIVE",
        "risk": "NONE",
        "riskDescription": "Minimal restrictions on use, modification, and redistribution",
        "count": 85
      },
      {
        "spdxId": "Apache-2.0",
        "name": "Apache License 2.0",
        "category": "PERMISSIVE",
        "risk": "NONE",
        "riskDescription": "Minimal restrictions on use, modification, and redistribution",
        "count": 25
      },
      {
        "spdxId": "GPL-3.0-only",
        "name": "GNU General Public License v3.0 only",
        "category": "STRONG_COPYLEFT",
        "risk": "HIGH",
        "riskDescription": "Requires derivative works to be released under the same license",
        "count": 3
      }
    ]
  }
}

GET

project

{projectId}

results

sca

licenses

summary

Get License Summary

curl --request GET \
  --url https://api.example.com/project/{projectId}/results/sca/licenses/summary

{
  "success": true,
  "data": {
    "projectId": "550e8400-e29b-41d4-a716-446655440001",
    "totalPackages": 142,
    "packagesWithLicenses": 135,
    "packagesWithoutLicenses": 7,
    "permissiveCount": 120,
    "weakCopyleftCount": 8,
    "strongCopyleftCount": 3,
    "unknownCount": 7,
    "ignoredCount": 4,
    "licenses": [
      {
        "spdxId": "MIT",
        "name": "MIT License",
        "category": "PERMISSIVE",
        "risk": "NONE",
        "riskDescription": "Minimal restrictions on use, modification, and redistribution",
        "count": 85
      },
      {
        "spdxId": "Apache-2.0",
        "name": "Apache License 2.0",
        "category": "PERMISSIVE",
        "risk": "NONE",
        "riskDescription": "Minimal restrictions on use, modification, and redistribution",
        "count": 25
      },
      {
        "spdxId": "GPL-3.0-only",
        "name": "GNU General Public License v3.0 only",
        "category": "STRONG_COPYLEFT",
        "risk": "HIGH",
        "riskDescription": "Requires derivative works to be released under the same license",
        "count": 3
      }
    ]
  }
}

Path Parameters

projectId

string

required

The UUID of the project

Query Parameters

branch

string

Filter by Git branch name

organizationId

string

The UUID of the organization (required for permission resolution)

packageType

string[]

Filter by package ecosystem (e.g., npm, pip, maven, go). Can be specified multiple times.

Authorization

Requires read_scan_result permission on the project.

Response

success

boolean

Whether the request succeeded

data

object

Show License Summary Object

projectId

string

The project UUID

totalPackages

number

Total number of SCA packages

packagesWithLicenses

number

Number of packages with at least one detected license

packagesWithoutLicenses

number

Number of packages with no detected license

permissiveCount

number

Number of packages classified as Permissive

weakCopyleftCount

number

Number of packages classified as Weak Copyleft

strongCopyleftCount

number

Number of packages classified as Strong Copyleft

unknownCount

number

Number of packages with unknown or unresolved licenses

ignoredCount

number

Number of packages marked as ignored for license analysis

licenses

array

Show License Item

spdxId

string

SPDX license identifier (e.g., MIT, Apache-2.0)

name

string

Human-readable license name

category

string

License category: PERMISSIVE, WEAK_COPYLEFT, STRONG_COPYLEFT, or UNKNOWN

risk

string

Risk level: NONE, MEDIUM, HIGH, or UNKNOWN

riskDescription

string

Human-readable description of the risk implications

count

number

Number of packages using this license

{
  "success": true,
  "data": {
    "projectId": "550e8400-e29b-41d4-a716-446655440001",
    "totalPackages": 142,
    "packagesWithLicenses": 135,
    "packagesWithoutLicenses": 7,
    "permissiveCount": 120,
    "weakCopyleftCount": 8,
    "strongCopyleftCount": 3,
    "unknownCount": 7,
    "ignoredCount": 4,
    "licenses": [
      {
        "spdxId": "MIT",
        "name": "MIT License",
        "category": "PERMISSIVE",
        "risk": "NONE",
        "riskDescription": "Minimal restrictions on use, modification, and redistribution",
        "count": 85
      },
      {
        "spdxId": "Apache-2.0",
        "name": "Apache License 2.0",
        "category": "PERMISSIVE",
        "risk": "NONE",
        "riskDescription": "Minimal restrictions on use, modification, and redistribution",
        "count": 25
      },
      {
        "spdxId": "GPL-3.0-only",
        "name": "GNU General Public License v3.0 only",
        "category": "STRONG_COPYLEFT",
        "risk": "HIGH",
        "riskDescription": "Requires derivative works to be released under the same license",
        "count": 3
      }
    ]
  }
}

Batch update multiple vulnerabilities Get Packages by License

Getting Started

Organization

Project

Team

User

Scanning

Vulnerabilities

SCA Licenses

Reports & Statistics

AI Agent

Policy Management

Source Code Integrations

Container Registries

SSO

Get License Summary

Path Parameters

Query Parameters

Authorization

Response

Getting Started

Organization

Project

Team

User

Scanning

Vulnerabilities

SCA Licenses

Reports & Statistics

AI Agent

Policy Management

Source Code Integrations

Container Registries

SSO

​Path Parameters

​Query Parameters

​Authorization

​Response

Path Parameters

Query Parameters

Authorization

Response