Using the Identity REST APIs

You can use the Veracode Identity APIs to manage the administrative configuration for your organization that is in the Veracode Platform.

The API provides endpoints for managing users, teams, and business units, using the create, update, read, and delete actions on their respective objects. This capability includes managing API service accounts. You can use the API credentials endpoint to get information about Veracode API credentials expiration, revoke Veracode API credentials, or renew your Veracode API credentials.

Permissions and Authentication

Before you can use all endpoints of the Identity REST APIs, you must have one of these account types:

An API service account with the Admin API role.
A user account with the Administrator role.

However, these endpoints are accessible by all other API service account and user account roles:

/user/self
/user/api_credentials

The API provides improved security through HMAC authentication. Therefore, before using this API, you must configure your authentication.

Ensure you access the APIs with the domain for your region.

Identity APIs Specification

The Identity APIs specification is available from SwaggerHub.