generateflawreport.do

APIs

The generateflawreport.do call returns generateflawreport.xml, which contains the token you need for downloading the flaw report. The flaw report lists all fixed and unfixed flaws for the specified applications and/or scan type.

Before using this API, Veracode strongly recommends that you read API Usage and Access Guidelines.

Resource URL

https://analysiscenter.veracode.com/api/3.0/generateflawreport.do

Permissions

You need the Archer API role to use this call.

Parameters

app_id_list Integer. Optional. Comma-separated.
scan_type String. Optional. Values include:
  • static
  • dynamic
  • manual

Example

curl --compressed -u <VeracodeUsername>:<VeracodePassword>
          https://analysiscenter.veracode.com/api/3.0/generateflawreport.do -F
          "app_id_list=12266,12267,12269,12270" -F "scan_type=dynamic"

Results

The generateflawreport.do call initiates the process of generating the generateflawreport XML document, which references the archerreportrequest.xsd. Additional archerreportrequest.xsd schema documentation is available. Use the XSD file to validate the XML data. The returned XML contains the token string you need to retrieve the report, when it is available, using the downloadflawreport.do call. The following is an example of the returned XML.

<archerreport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="https://analysiscenter.veracode.com/schema/1.0/archerapi" xsi:schemaLocation="https://analysiscenter.veracode.com/schema/1.0/archerapi https://localhost:18443/resource/1.0/archerreportrequest.xsd" token="5a1b163a-d340-48e6-9170-e5a77c4dc5e2" archer_report_version="3.0"></archerreport>