This use case scenario provides the Identity REST API command and payload for creating a user account.
Use this command to create a user account:
http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json
The API passes the JSON file that you populate with the necessary
values as shown in this example:
{ "email_address": "example@example.com", "first_name": "Example", "last_name": "User", "ip_restricted": false, "active": true, "roles": [ { "role_name": "extseclead" }, { "role_name": "extsubmitanyscan" } ], "title": "Sample", "user_name": "example@example.com", "userType": "VOSP" }
For some of the possible user account and API service account roles, you must explicitly include what the user is allowed to submit. The options are:
- Any scan type (extsubmitanyscan)
- Static (extsubmitstaticscan)
- Dynamic (extsubmitdynamicscan)
- Manual (extsubmitmanualscan)
When Veracode creates the user account and configures the authentication, which can take up to one minute.
Role Short Name | Role Name | Additional Roles Required |
---|---|---|
sandboxadmin | Sandbox Administrator | |
sandboxuser | Sandbox User | |
workSpaceAdmin | Workspace Administrator | |
workSpaceEditor | Workspace Editor | |
extseclead | Security Lead | Users must have at lease one of these additional roles:
|
extcreator | Creator | Users must have the additional role that matches the type of scan they want to create
and submit:
|
extsubmitter | Submitter |
Users must have the additional role that matches the type of scan they want to submit:
|
extreviewer | Reviewer | |
extmitigationapprover | Mitigation Approver | |
extexecutive | Executive | |
securityinsightsonly | Security Insights | |
securityLabsUser | Security Labs User | |
extadmin | Administrator | |
extpolicyadmin | Policy Administrator | |
extelearn | eLearning | |
teamAdmin | Team Admin | |
consultationuseradmin | Consultation User Admin | |
greenlightideuser | Greenlight IDE User |