You can update credentials fields in login scripts by creating a scan engine variable that the Dynamic Analysis API uses at runtime.
Using a variable means login script creators do not need to know the credentials for the application to which Dynamic Analysis is logging in, nor do you need to create a new login script every time the credentials values change.
If you have the Security Lead role, you can create a scan engine variable for the Dynamic Analysis API.
To create a variable key/value pair, make a POST call to https://api.veracode.com/was/configservice/v1/scanner_variables, specifying the description, value, and optional reference key. The reference key is the value you use in your login script. Alternatively, you can use the scanner_variable_id that the API returns in response to a POST in your login scripts.
{ "description": "Password key for my application", "reference_key": "MY_PASSWORD_KEY", "value": “hunter2" }
{ "id": "5045080b-99ad-47e9-a8a6-7897bf4b5975", "comment": "", "command": "type", "target": "name=password", "targets": [ ["name=password", "name"], ["css=tr:nth-child(7) input:nth-child(2)", "css:finder"], ["xpath=//input[@name='password']", "xpath:attributes"], ["xpath=//tr[7]/td[2]/form/input[2]", "xpath:position"] ], "value": "${MY_PASSWORD_KEY}" }
Example Python code on how to use the scan engine variables API feature is available on GitHub.
For detailed documentation of this API, see the full Swagger specification.