OSS Index API Now in Sonatype Guide

OSS Index API usage will be managed through Sonatype Guide via a compatibility API. OSS Index users must migrate their account to continue using the API.

Migrate to Sonatype Guide

Create your free account to access your OSS Index API, Sonatype Guide's API and MCP server, and best-in-class vulnerability info, version data, package licensing, and more. 


Same Intelligence. More Capabilities.

The AI-driven development lifecycle is here, changing how open source dependencies are selected and how applications are built. Sonatype Guide brings you everything you trust from OSS Index, plus new capabilities designed for this new era of software development.

What's Changing?

  • Updated packages (free and paid) through Sonatype Guide to support predictable usage at scale.
  • New Guide API with vulnerability details, version data, and deeper component details.
  • Enhanced component and vulnerability search.
  • MCP Server Integration for AI coding assistants.

What's Not Changing?

  • The OSS Index API will continue to be available via compatibility API in Sonatype Guide.
  • Users can expect continued compatibility with existing integrations such as Dependency-Track and Dependency-Check.

Introducing Sonatype Guide

Sonatype Guide was created to address these new realities. Guide is not a new version of OSS Index. It is a developer-first solution designed specifically for AI-assisted and automated software development.

GUIDE PROVIDES:

  • Real-time open source and vulnerability intelligence
  • Automation-ready access via APIs and MCP
  • Support for AI coding assistants, pipelines, and agents
  • Enterprise-grade scalability and support

GUIDE CAN BE USED:

  • As a standalone solution
  • Alongside existing Sonatype products

Required Actions

For uninterrupted access to your OSS Index API via compatibility API in Sonatype Guide, and to use the new features, follow these simple steps:

1. Sign In To Guide

Sign in to Sonatype Guide with your OSS Index login credentials.

2. Evaluate Usage

View your historical OSS Index API usage and decide which plan best suits your organization’s needs.

3. Explore New Features

Continue managing dependencies across your SDLC and extend protection to AI-driven development with Guide.

OSS Index and Guide: Continuity and Clarity

OSS Index played a critical role by providing free, high-quality vulnerability intelligence for many developers and organizations. But it was built for a world where humans were in the loop. Today's AI-driven software supply chains require something different: real-time, continuously curated intelligence that automated systems can safely rely on. While software development has fundamentally changed, one thing hasn't. Teams are still accountable for what ships to production. Sonatype Guide helps ensure builds are secure in an era where open source risk continues to scale exponentially.

What to Expect: 

  • The OSS Index API will continue to be available via compatibility API in Sonatype Guide.
  • Users can expect continued compatibility with existing integrations such as Dependency-Track and Dependency-Check.
  • Free and paid packages will be offered, scaling based on usage and consumption needs.
  • Users will have clear options to continue using OSS Index or transition to Guide as needs evolve.

Guide provides a path forward for teams looking to fully automate open source security in AI-powered SDLCs. Our goal is to make this transition clear, predictable, and non-disruptive while supporting the realities of modern, AI-assisted development.