Creating User and SAML User Accounts with the Identity API

Veracode APIs

These use case scenarios provide the Identity REST API commands and payloads for creating a user account and a SAML user account.

Use this command to create a user account: 
http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json
The API passes the JSON file that you populate with the necessary values as shown in this example:
{
   "email_address":"example@example.com",
   "first_name":"Example",
   "last_name":"User",
   "ip_restricted":false,
   "active":true,
   "roles":[
      {
         "role_name":"extseclead"
      },
      {
         "role_name":"extsubmitanyscan"
      }
   ],
   "title":"Sample",
   "user_name":"example@example.com",
   "userType":"VOSP",
   "teams":[
      {
         "team_id":"teamId"
      }
   ]
}
Use this command to create a SAML user account: 
http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json
The API passes the JSON file that you populate with the necessary values as shown in this example:
{
   "email_address":"example@example.com",
   "first_name":"Example",
   "last_name":"User",
   "ip_restricted":false,
   "active":true,
   "roles":[
      {
         "role_name":"extseclead"
      },
      {
         "role_name":"extsubmitanyscan"
      }
   ],
   "title":"Sample",
   "saml_user":true,
   "saml_subject":"example@example.com",
   "user_type":"VOSP"
 }

For some of the possible user account, API service account, and SAML user roles, you must include one or more of these scan types that the user can submit:

  • Any scan type (extsubmitanyscan)
  • Static (extsubmitstaticscan)
  • Dynamic (extsubmitdynamicscan)
  • Manual (extsubmitmanualscan)

When Veracode creates the user account and configures the authentication, it can take up to one minute.

Table. Human Roles
Role Short Name Role Name Additional Roles Required
sandboxadmin Sandbox Administrator  
sandboxuser Sandbox User  
workSpaceAdmin Workspace Administrator  
workSpaceEditor Workspace Editor  
extseclead Security Lead Users must have at lease one of these additional roles:
  • extsubmitmanualscan
  • extsubmitstaticscan
  • extsubmitdynamicscan
  • extsubmitdynamicanalysis
  • extsubmitanyscan
  • extsubmitdynamicmpscan
  • extsubmitanyscan
  • extsubmitdiscoveryscan
extcreator Creator Users must have the additional role that matches the type of scan they want to create and submit:
  • extsubmitmanualscan
  • extsubmitstaticscan
  • extsubmitdynamicscan
  • extsubmitdynamicanalysis
  • extsubmitanyscan
  • extsubmitdynamicmpscan
  • extsubmitanyscan
  • extsubmitdiscoveryscan
extsubmitter Submitter

Users must have the additional role that matches the type of scan they want to submit:

  • extsubmitmanualscan
  • extsubmitstaticscan
  • extsubmitdynamicscan
  • extsubmitdynamicanalysis
  • extsubmitanyscan
  • extsubmitdynamicmpscan
  • extsubmitanyscan
  • extsubmitdiscoveryscan
extreviewer Reviewer  
extmitigationapprover Mitigation Approver  
extexecutive Executive  
securityinsightsonly Security Insights  
securityLabsUser Security Labs User  
extadmin Administrator  
extpolicyadmin Policy Administrator  
extelearn eLearning  
teamAdmin Team Admin  
consultationuseradmin Consultation User Admin  
greenlightideuser Greenlight IDE User