Skip to main content

Events

Snyk API & Web saves records and sends notifications of important events related to an account. So, instead of polling Snyk API & Web repeatedly to get information and figure out whether something happened, register Webhooks and get notified by Snyk API & Web about events in real-time.

Snyk API & Web sends notifications for the following events:

  • Account Events

    • A user was created.
    • A user was deleted.
    • A target was created.
    • A target was deleted.
    • A target was verified with success.
    • A target was verified and failed.
  • Target Events

    • A scan was started.
    • A scan was completed.
    • A scan was canceled.
    • A scan failed.
    • A vulnerability finding was detected.
    • A vulnerability finding was fixed.

Event notifications sent to Webhooks depend on the type of events Webhooks are registered for:

Webhook RegistrationEvent Notifications
Account EventsThe Webhook receives notifications from Snyk API & Web about account events and target events for all targets of the account.
Target EventsThe Webhook receives notifications from Snyk API & Web about target events for a specific target of the account.

Functionality

The endpoints under Events provide the following functionality:

  • Register and manage Webhooks for account events.
  • Register and manage Webhooks for target events.
  • List and retrieve account events.
  • List and retrieve target events.

Important Notes

Some relevant information when using Events:

  • Account owners will only see and be notified of events related to their accounts.
  • The Webhook URLs are required to be HTTPS.
  • For security reasons, Webhooks should have a unique and hard-to-guess identifier.
    For example, https://webhook.example.com/d69179e3b06549469817560c650be98f/
  • Event notifications are sent in JSON format.
  • After sending an event notification, an HTTP success status code (2XX) is expected in response.
  • In case an event notification fails, Snyk API & Web will retry to send it again with an exponential back-off (maxing out at 4 hours) for 2 days, at the end of which an email is sent informing the failure.

Further functionality related to Events is provided in the following tags:

  • Account - Manage the account.
  • User - Manage specific settings of users returned by Account Events, like the profile, passwords, or notifications.
  • Targets - Manage targets returned by Account Events.
  • Scans - Manage scans returned by Target Events.
  • Findings - Manage vulnerability findings returned by Target Events.