Using the Veracode XML APIs


The Veracode Application Programming Interfaces (APIs) and their wrappers automate the actions involved in testing. You can use plugins to extend your workflow to seamlessly include Veracode security scanning.

Veracode provides an XML API for every task involved in scanning with Veracode. The following APIs and wrappers enable you to automate most of the tasks involved in scanning your applications.

All the API information is available as a PDF you can download.

API Wrappers
Veracode provides API wrappers for Java and C#. Veracode recommends using API wrappers when working with the Veracode XML APIs.
Upload API
Use the Upload API to automatically send new builds of your applications to the Veracode Platform for static analysis scans.
Results API
Use the Results API to get a list of available applications and retrieve detailed application results.
Mitigation and Comments API
Integrate flaw comments and mitigation workflow tasks into IDEs and bug tracking systems.
Admin API
Use the Admin API to create and manage users and teams in the Veracode Platform.
Flaw Report API
The Flaw Report API creates a report that lists all fixed and unfixed flaws for the specified applications and/or scan type.
DynamicDS APIs
Several APIs are available to automate your DynamicDS scans.
The Veracode VAST program has APIs for automating vendor and enterprise tasks.
Sandbox APIs
Use the Sandbox API calls to automate creating, updating, deleting, listing, and promoting developer sandboxes.