Skip to main content

ComponentLicenses

Get license information for a software component identified by Package URL.

HTTP Request Example

Response Format

Returns license data for a component in two forms:
  • Licenses list: All detected licenses in the component
  • SPDX expression: Combined license expression when determinable
Key fields:
  • purl: Component identifier
  • licenses: List of detected licenses
    • id: SPDX ID or license reference
    • full_name: License name
    • is_spdx_approved: SPDX approval status
    • url: License reference URL
  • statement: SPDX expression (when available)
  • version: Resolved component version
  • url: Component source URL
  • requirement: Version constraint from request
  • info_code: Processing result code
  • info_message: Human-readable status message

Info Codes

The info_code field reports the outcome of processing each component. Possible values:

Response Examples

Multiple licenses (no SPDX expression)

Occurs when a component has multiple licenses without a single unified expression.

SPDX expression (OR)

Returned when the component specifies a license choice.

SPDX expression (AND)

Returned when multiple licenses must be satisfied together.

Error Response

ComponentsLicenses

Get license information for multiple software components in a single request.

HTTP Request Example