List pieces of evidence

curl --request GET \
  --url https://api.app.chainloop.dev/v1/evidence \
  --header 'Authorization: Bearer <token>'

{
  "pagination": {
    "next_cursor": "next_cursor"
  },
  "results": [
    {
      "workflow_id": "workflow_id",
      "workflow_name": "workflow_name",
      "uploaded_to_cas": true,
      "subject_version": "subject_version",
      "annotations": {
        "key": "annotations"
      },
      "created_at": "2000-01-23T04:56:07.000Z",
      "project_name": "project_name",
      "latest_in_project": true,
      "policies_total": 2,
      "project_version_name": "project_version_name",
      "project_id": "project_id",
      "ingestion_finished_at": "2000-01-23T04:56:07.000Z",
      "digest": "digest",
      "id": "id",
      "workflow_run_id": "workflow_run_id",
      "policies_passed": 5,
      "kind": "kind",
      "latest_in_project_version": true,
      "ingestion_started_at": "2000-01-23T04:56:07.000Z",
      "organization_name": "organization_name",
      "project_version_id": "project_version_id",
      "ingestion_has_error": true,
      "policy_status_summary": {
        "violated": 5,
        "total": 0,
        "has_gates": true,
        "passed": 6,
        "status": "RUN_POLICY_STATUS_UNSPECIFIED",
        "skipped": 1
      },
      "organization_id": "organization_id",
      "name": "name",
      "subject_name": "subject_name"
    },
    {
      "workflow_id": "workflow_id",
      "workflow_name": "workflow_name",
      "uploaded_to_cas": true,
      "subject_version": "subject_version",
      "annotations": {
        "key": "annotations"
      },
      "created_at": "2000-01-23T04:56:07.000Z",
      "project_name": "project_name",
      "latest_in_project": true,
      "policies_total": 2,
      "project_version_name": "project_version_name",
      "project_id": "project_id",
      "ingestion_finished_at": "2000-01-23T04:56:07.000Z",
      "digest": "digest",
      "id": "id",
      "workflow_run_id": "workflow_run_id",
      "policies_passed": 5,
      "kind": "kind",
      "latest_in_project_version": true,
      "ingestion_started_at": "2000-01-23T04:56:07.000Z",
      "organization_name": "organization_name",
      "project_version_id": "project_version_id",
      "ingestion_has_error": true,
      "policy_status_summary": {
        "violated": 5,
        "total": 0,
        "has_gates": true,
        "passed": 6,
        "status": "RUN_POLICY_STATUS_UNSPECIFIED",
        "skipped": 1
      },
      "organization_id": "organization_id",
      "name": "name",
      "subject_name": "subject_name"
    }
  ]
}

GET

evidence

List pieces of evidence

curl --request GET \
  --url https://api.app.chainloop.dev/v1/evidence \
  --header 'Authorization: Bearer <token>'

{
  "pagination": {
    "next_cursor": "next_cursor"
  },
  "results": [
    {
      "workflow_id": "workflow_id",
      "workflow_name": "workflow_name",
      "uploaded_to_cas": true,
      "subject_version": "subject_version",
      "annotations": {
        "key": "annotations"
      },
      "created_at": "2000-01-23T04:56:07.000Z",
      "project_name": "project_name",
      "latest_in_project": true,
      "policies_total": 2,
      "project_version_name": "project_version_name",
      "project_id": "project_id",
      "ingestion_finished_at": "2000-01-23T04:56:07.000Z",
      "digest": "digest",
      "id": "id",
      "workflow_run_id": "workflow_run_id",
      "policies_passed": 5,
      "kind": "kind",
      "latest_in_project_version": true,
      "ingestion_started_at": "2000-01-23T04:56:07.000Z",
      "organization_name": "organization_name",
      "project_version_id": "project_version_id",
      "ingestion_has_error": true,
      "policy_status_summary": {
        "violated": 5,
        "total": 0,
        "has_gates": true,
        "passed": 6,
        "status": "RUN_POLICY_STATUS_UNSPECIFIED",
        "skipped": 1
      },
      "organization_id": "organization_id",
      "name": "name",
      "subject_name": "subject_name"
    },
    {
      "workflow_id": "workflow_id",
      "workflow_name": "workflow_name",
      "uploaded_to_cas": true,
      "subject_version": "subject_version",
      "annotations": {
        "key": "annotations"
      },
      "created_at": "2000-01-23T04:56:07.000Z",
      "project_name": "project_name",
      "latest_in_project": true,
      "policies_total": 2,
      "project_version_name": "project_version_name",
      "project_id": "project_id",
      "ingestion_finished_at": "2000-01-23T04:56:07.000Z",
      "digest": "digest",
      "id": "id",
      "workflow_run_id": "workflow_run_id",
      "policies_passed": 5,
      "kind": "kind",
      "latest_in_project_version": true,
      "ingestion_started_at": "2000-01-23T04:56:07.000Z",
      "organization_name": "organization_name",
      "project_version_id": "project_version_id",
      "ingestion_has_error": true,
      "policy_status_summary": {
        "violated": 5,
        "total": 0,
        "has_gates": true,
        "passed": 6,
        "status": "RUN_POLICY_STATUS_UNSPECIFIED",
        "skipped": 1
      },
      "organization_id": "organization_id",
      "name": "name",
      "subject_name": "subject_name"
    }
  ]
}

Authorizations

Authorization

string

header

required

Bearer token for authentication

Query Parameters

project_name

string

ProjectName is the name of the project to filter by

project_version_name

string

ProjectVersionName is the name of the project version to filter by

kind

enum<string>[]

Kind is the type of evidence to filter by

The type of evidence to filter by

CHAINLOOP_AI_AGENT_CONFIG: AI agent configuration collected automatically during attestation
UNKNOWN_KIND: Artifact kind is unknown — created from SBOM metadata when no matching attested artifact exists
CHAINLOOP_AI_CODING_SESSION: AI coding session evidence (e.g., Claude Code session traces)

Available options:

MATERIAL_TYPE_UNSPECIFIED,

STRING,

CONTAINER_IMAGE,

ARTIFACT,

SBOM_CYCLONEDX_JSON,

SBOM_SPDX_JSON,

JUNIT_XML,

OPENVEX,

HELM_CHART,

SARIF,

EVIDENCE,

ATTESTATION,

CSAF_VEX,

CSAF_INFORMATIONAL_ADVISORY,

CSAF_SECURITY_ADVISORY,

CSAF_SECURITY_INCIDENT_RESPONSE,

GITLAB_SECURITY_REPORT,

ZAP_DAST_ZIP,

BLACKDUCK_SCA_JSON,

TWISTCLI_SCAN_JSON,

GHAS_CODE_SCAN,

GHAS_SECRET_SCAN,

GHAS_DEPENDENCY_SCAN,

JACOCO_XML,

SLSA_PROVENANCE,

CHAINLOOP_RUNNER_CONTEXT,

CHAINLOOP_PR_INFO,

GITLEAKS_JSON,

CHAINLOOP_AI_AGENT_CONFIG,

UNKNOWN_KIND,

CHAINLOOP_AI_CODING_SESSION

pagination.cursor

string

The cursor to start pagination from

pagination.limit

integer<int32>

default:10

The limit of the number of entries to return

The maximum number of entries to return

latest

boolean

If true, only the latest evidence for each kind and name is returned

workflow_name

string[]

WorkflowName is the list of workflow names to filter by

List of workflow names to filter by (DNS-1123 format)

string

Search provides a way to search evidence by name, subject name, or digest

Search term to filter evidence by name, subject name, or digest (e.g., sha256:abc123...)

hide_attestation

boolean

HideAttestation excludes attestation evidence from results when set to true

If true, excludes attestation evidence from the results

product_id

string

ProductID is the ID of the product to filter by

ID of the product to filter evidence by

product_version_id

string

ProductVersionID is the ID of the product version to filter by

ID of the product version to filter evidence by. Must be provided with product_id

Response

A successful response.

Response for the List method

results

EvidenceListItem · object[]

Show child attributes

pagination

CursorPaginationResponse · object

Pagination information for cursor-based pagination

Show child attributes

Example:

{ "next_cursor": "next_cursor" }

Delete an environment Describe a piece of evidence