> For the complete documentation index, see [llms.txt](https://docs.interlynk.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.interlynk.io/api/interlynk-api.md). # Interlynk API The Interlynk API lets you automate everything you can do in the Interlynk dashboard: upload SBOMs, download them in CycloneDX or SPDX, edit metadata, review vulnerabilities, and apply VEX. The API is GraphQL. There is one endpoint, and it handles both reads (queries) and writes (mutations). ``` https://api.interlynk.io/lynkapi ``` ## How to read these docs Every request in this documentation is a `curl` command you can copy, paste, and run. Set your security token as an environment variable first and the examples will work as written: ```bash export INTERLYNK_SECURITY_TOKEN="lynk_live_xxxxxxxxxxxxxxxxxxxx" ``` If you use the platform from a CI pipeline or a script in another language, the same requests apply. GraphQL over HTTP is just a `POST` with a JSON body. ## Start here | Page | What it covers | | -------------------------------------------------------- | --------------------------------------------------------- | | [Authentication](/api/getting-started/authentication.md) | Create a security token and make an authenticated request | | [Quickstart](/api/getting-started/quickstart.md) | Your first API call, end to end | | [Data Model](/api/concepts/data-model.md) | Products, environments, versions, and components | ## Common tasks | Guide | Use it to | | ------------------------------------------------------------------- | -------------------------------------------------------- | | [Upload an SBOM](/api/managing-sboms/upload-sbom.md) | Push an SBOM file to a product | | [Download an SBOM](/api/managing-sboms/download-sbom.md) | Pull an SBOM in CycloneDX or SPDX | | [List Products and Versions](/api/inventory/list-resources.md) | Find the IDs you need for other calls | | [Edit SBOM Metadata](/api/managing-sboms/edit-sbom-metadata.md) | Add or change SBOM authors and suppliers | | [Edit a Component](/api/inventory/edit-component.md) | Change a component's license, copyright, or other fields | | [Vulnerabilities and VEX](/api/security/vulnerabilities-and-vex.md) | List vulnerabilities and set VEX status | | [Manage Notifications](/api/security/notifications.md) | Control notification settings, preferences, and channels | | [Manage Users and Roles](/api/user-management/user-management.md) | Invite users, set roles, and configure SSO | ## Prefer a CLI? [`pylynk`](https://github.com/interlynk-io/pylynk) is the official command-line tool. It wraps the same API and is a good fit for CI/CD pipelines. These docs cover the raw API for everyone who wants to call it directly. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.interlynk.io/api/interlynk-api.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.