This use case scenario provides the Annotations REST API command and payload for approving a mitigation proposal against one or more findings for an application.
You can use the Applications API to get the GUID for an application.
Use this command to approve a mitigation proposal, with a comment, for an application with
two findings:
http --auth-type=veracode_hmac POST "https://api.veracode.com/appsec/v2/applications/{application_guid}/annotations" < input.json
The API passes the JSON file that you populate with the necessary
values as shown in this example:
{
"issue_list": "1,2",
"comment": "This is my comment",
"action": "ACCEPTED"
}
| Name | Type | Description |
|---|---|---|
| issue_list Required |
String | Comma-separated list of finding (flaw) IDs. You can use the Findings API to get a list of finding IDs for an application. |
| comment Required |
String | Enter a brief comment about the findings for issue_list. |