The Mitigation and Comments API enables you to integrate comments on findings and mitigation workflow tasks into IDEs and bug tracking systems.
You can mitigate a finding, accept or reject a mitigation action, or comment on a proposed mitigation. In addition, you can view all comments and mitigation actions any user has performed on a finding.
To learn about how to use the Mitigation and Comments API, read the tutorial.
- An API service account with
the Mitigation API role or a user account with one of these roles:
- Reviewer or Security Lead
- To view all actions performed on a finding, to submit proposed mitigations, or to comment on proposed mitigations.
- Mitigation Approver and either Reviewer or Security Lead
- To accept or reject proposed mitigations.
- Veracode API credentials.