Generating reports
Trigger org-wide reports via the API: audit/due diligence reports and global issue CSV exports.
Enterprise feature
Available on: Business, Enterprise.
Overview
These recipes show how to trigger the global org-wide reports available from the Reports dashboard. For project-level attribution reports, see Downloading attribution reports.
Note
- A FOSSA API token with Full access. See Authentication.
- Organization Report or Team Report create permission.
Generating an audit / due diligence report
The audit report provides an org-wide summary of issues and project changes. It is generated as a background job and delivered by email.
curl 'https://app.fossa.com/api/organization/summary' \ -H 'Authorization: Bearer YOUR_API_KEY'The response includes a jobToken you can use to poll the job status. When the job completes, the report is emailed to the requesting user's address.
Scope to a team
Pass teamId to limit the report to projects belonging to a specific team:
curl -G 'https://app.fossa.com/api/organization/summary' \ -d 'teamId=42' \ -H 'Authorization: Bearer YOUR_API_KEY'Generating a global issue CSV export
GET /api/v2/issues/csv/global exports all issues across your organization as a ZIP file containing separate CSVs for licensing, security, and quality issues.
Download immediately
curl -G 'https://app.fossa.com/api/v2/issues/csv/global' \ -H 'Authorization: Bearer YOUR_API_KEY' \ --output fossa-issues.zipEmail the report
For large organizations, request email delivery instead:
curl -G 'https://app.fossa.com/api/v2/issues/csv/global' \ -d 'email=true' \ -H 'Authorization: Bearer YOUR_API_KEY'The response includes a jobToken that resolves when the report has been sent.
Scope to a team
curl -G 'https://app.fossa.com/api/v2/issues/csv/global' \ -d 'teamIds[]=42' \ -H 'Authorization: Bearer YOUR_API_KEY' \ --output fossa-issues-team42.zipPolling job status
Both the audit report and the emailed CSV export return a job token. Poll the token to track completion:
curl -G 'https://app.fossa.com/api/jobs/status' \ -d 'jobs[]=YOUR_JOB_TOKEN' \ -H 'Authorization: Bearer YOUR_API_KEY'The response nests each token under jobs:
{ "jobs": { "YOUR_JOB_TOKEN": { "status": "finished" } } }A status of finished means the report has been sent. The other values are running, created, and failed; on failed, retry or contact support.