uploadformbasedloginscript.do

Veracode APIs

The uploadformbasedloginscript.do call enables you to upload a forms-based login script for a DynamicDS scan.

Before using this API, Veracode strongly recommends that you read API Usage and Access Guidelines.

Resource URL

https://analysiscenter.veracode.com/api/5.0/uploadformbasedloginscript.do

Permissions

You need the Upload API or Upload API - Submit Only role to use this call.

Parameters

Name Type Description
app_id

Required

Integer Application ID.
login_script

Required

File A login script captures the steps required to log in to the application. For information about creating login scripts, see Providing Login Instructions.
verification_url

Required

String A URL Veracode can access after successfully logging in. See Providing Login Instructions
verification_text

Required

String A text string that Veracode finds at the specified verification_url to verify successful login. See Providing Login Instructions

HTTPie Example

Examples use the HTTPie command-line tool. See Using HTTPie with the Python Authentication Library.

http --auth-type=veracode_hmac -f "https://analysiscenter.veracode.com/api/5.0/uploadformbasedloginscript.do" "app_id==<app id>" "login_script@siteloginscript.html" "verification_url==http://www.example.com/index.php" "verification_text=Welcome"

HTTPie Results

The uploadformbasedloginscript.do call returns the dynamic_scan_info XML document, which references the dynamicscaninfo.xsd schema file. You can use the XSD schema file to validate the XML data. See the dynamicscaninfo.xsd schema documentation.

<?xml version="1.0" encoding="UTF-8"?>

<dynamic_scan_info xmlns:xsi="http&#x3a;&#x2f;&#x2f;www.w3.org&#x2f;2001&#x2f;XMLSchema-instance" 
         xmlns="https&#x3a;&#x2f;&#x2f;analysiscenter.veracode.com&#x2f;schema&#x2f;4.0&#x2f;dynamicscaninfo" 
         xsi:schemaLocation="https&#x3a;&#x2f;&#x2f;analysiscenter.veracode.com&#x2f;schema&#x2f;4.0&#x2f;dynamicscaninfo 
         https&#x3a;&#x2f;&#x2f;analysiscenter.veracode.com&#x2f;resource&#x2f;4.0&#x2f;dynamicscaninfo.xsd" 
         account_id="<account id>" app_id="<app id>" scan_id="5114591" error_message="">
   <dynamic_scan scan_id="5114591" scan_name="DynamicDS Scan with Script" scan_status="Incomplete" 
         target_url="http&#x3a;&#x2f;&#x2f;dvwa.sa.veracode.io&#x2f;" directory_restriction_policy="true" 
            https_http_inclusion="true">
      <contact_information first_name="Joan" last_name="Smythe" telephone="123-456-7890" email="jsmythe&#x40;example.com"/>
      <allowed_hosts>
         <allowed_host host="http&#x3a;&#x2f;&#x2f;example.com&#x2f;" directory_restriction_policy="dir_and_sub" 
            https_http_inclusion="true"/>
      </allowed_hosts>
      <exclude_urls>
         <exclude_url host="http&#x3a;&#x2f;&#x2f;www.example.com&#x2f;archives&#x2f;" directory_restriction_policy="dir_only" 
            https_http_inclusion="true"/>
      </exclude_urls>
      <login>
         <script_based_login login_sequence="siteloginscript.html" verify_url="http&#x3a;&#x2f;&#x2f;www.example.com&#x2f;index.php" 
            verify_string="Welcome"/>
      </login>
   </dynamic_scan>
</dynamic_scan_info>