downloadflawreport.do

APIs

The downloadflawreport.do call returns a generated XML report when it is available. This report lists all fixed and unfixed flaws for the specified applications and/or scan type.

Before using this API, Veracode strongly recommends that you read API Usage and Access Guidelines.

Resource URL

https://analysiscenter.veracode.com/api/3.0/downloadflawreport.do

Permissions

You need the Archer API role to use this call.

Parameters

token Universally unique identifier (UUID). Optional. Obtain this token from the XML report returned by calling generateflawreport.do.

You can use this token to download that flaw report. Tokens are limited to the five most recent reports and expire after 30 days.

If you do not provide a token, the call returns the latest report produced by generateflawreport.do, if one exists.

Example

curl --compressed -u <VeracodeUsername>:<VeracodePassword>
          https://analysiscenter.veracode.com/api/3.0/downloadflawreport.do?token=token taken from
          generateflawreport XML> flawreport.xml

Results

The downloadflawreport.do call returns the flaw report XML document, which references archerreport.xsd. Additional archerreport.xsd schema documentation is available. Use the XSD file to validate the XML data.