Promoting a Development Sandbox Scan with the REST API

Veracode APIs

These use case scenarios provide the Development Sandbox REST API commands and payloads for promoting a sandbox scan to a policy scan.

You can use the Applications API to get the GUID for an application or development sandbox.

Use this command to promote the latest scan for the specified sandbox:
http --auth-type=veracode_hmac POST "https://api.veracode.com/appsec/v1/applications/<Veracode application GUID>/sandboxes/<sandbox GUID>/promote"
Use this command to promote a specific sandbox scan:
http --auth-type=veracode_hmac POST "https://api.veracode.com/appsec/v1/applications/<Veracode application GUID>/sandboxes/<sandbox GUID>/promote?build_id=<build ID>"

The build ID is optional. You can obtain it from a Summary Report or with the getbuildinfo.do call.

Use this command to promote and delete the latest scan for the specified sandbox:
http --auth-type=veracode_hmac POST "https://api.veracode.com/appsec/v1/applications/<Veracode application GUID>/sandboxes/<sandbox GUID>/promote?delete_on_promote=true"