This use case scenario provides the Identity REST API command and payload for creating a user account.
Use this command to create a user account:
http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json
The API passes the JSON file that you populate with the necessary
values as shown in this example:
{
"email_address":"example@example.com",
"first_name":"Example",
"last_name":"User",
"ip_restricted":false,
"active":true,
"roles":[
{
"role_name":"extseclead"
},
{
"role_name":"extsubmitanyscan"
}
],
"title":"Sample",
"user_name":"example@example.com",
"userType":"VOSP",
"teams":[
{
"team_id":"teamId"
}
]
}
For some of the possible user account and API service account roles, you must explicitly include what the user is allowed to submit. The options are:
- Any scan type (extsubmitanyscan)
- Static (extsubmitstaticscan)
- Dynamic (extsubmitdynamicscan)
- Manual (extsubmitmanualscan)
When Veracode creates the user account and configures the authentication, which can take up to one minute.
| Role Short Name | Role Name | Additional Roles Required |
|---|---|---|
| sandboxadmin | Sandbox Administrator | |
| sandboxuser | Sandbox User | |
| workSpaceAdmin | Workspace Administrator | |
| workSpaceEditor | Workspace Editor | |
| extseclead | Security Lead | Users must have at lease one of these additional roles:
|
| extcreator | Creator | Users must have the additional role that matches the type of scan they want to create
and submit:
|
| extsubmitter | Submitter |
Users must have the additional role that matches the type of scan they want to submit:
|
| extreviewer | Reviewer | |
| extmitigationapprover | Mitigation Approver | |
| extexecutive | Executive | |
| securityinsightsonly | Security Insights | |
| securityLabsUser | Security Labs User | |
| extadmin | Administrator | |
| extpolicyadmin | Policy Administrator | |
| extelearn | eLearning | |
| teamAdmin | Team Admin | |
| consultationuseradmin | Consultation User Admin | |
| greenlightideuser | Greenlight IDE User |