Skip to main content
Integrate your email address with Endor Labs and automatically receive policy violations as email notifications.

Configure email integration

To configure an email integration, follow these steps:
  1. Sign in to Endor Labs and select Integrations from the left sidebar.
  2. Navigate to Email under Notifications and click Add.
  3. Click Add Notification Integration.
  4. Specify a name and description for this integration.
  5. Enter email addresses separated by commas in EMAIL ADDRESSES.
  6. Click Add Notification Integration.

Associate an action policy with the email notification

Users can create action policies to send an email notification when a scan matches policy conditions. For example, if there is a critical or high vulnerability, send an email notification. While creating an action policy, configure the following settings:
  • Select Choose an Action as Send Notification.
  • From SELECT NOTIFICATION TARGETS, choose the email integration notification that you created.
  • Choose an Aggregation type for notifications.
    • Choose None (Notify for each Finding) to trigger a separate email for each finding.
    • Choose Project to group and send all the findings related to a project in one email.
    • Choose Dependency to send individual emails for every dependency.
    • Choose Dependency per package version to send emails for every unique combination of dependency and package version.
  • From Assign Scope, include the project tags in INCLUSIONS to apply this policy to a project.
See Create an action policy for more details.

Customize email notification templates

Endor Labs provides a default template with standard information for the email. You can use the default template or you can choose to edit and customize this template to fit your organization’s specific requirements. You can also create custom templates using Go Templates.
  1. Sign in to Endor Labs and select Integrations from the left sidebar.
  2. Look for Email under Notifications.
  3. Click Manage to view the list of configured notification integrations.
  4. Choose a notification integration and click the ellipsis on the right side, and click Edit Template.
  5. Make required changes to any of the following templates and click Save Template.
    • Open - This template applies when Endor Labs raises new notifications.
    • Update - This template applies when an existing notification updates, such as when findings change.
    • Resolve - This template applies when all findings reported by the notification resolve.
  6. Click Restore to Default to revert the changes.
  7. Use the download icon on the top right corner to download this template.
  8. Use the copy icon to copy the information in the template.

Data model

To create custom templates for email notifications, you must understand the data supplied to the template. See the EmailData message used for Open and Update templates. See the ResolvedEmailData message used for Resolve template. See the following protobuf specification for the NotificationData message referenced by EmailData. To understand Project, Finding, PackageVersion and RepositoryVersion definitions in this protobuf specification, see: See the following specification to understand a few additional functions available to the template. You can access these functions by using their corresponding keys.

Run a scan

Run the endorctl scan on your configured projects. See endorctl scan commands for more information. You can view email notifications of policy violations in your inbox.