You can use the sandbox API calls to automatically create a list of developer sandboxes and promote sandbox scans to policy scans.
- The createsandbox.do call creates a sandbox for the specified application.
- The getsandboxlist.do call returns a list of all the sandboxes associated with the specified application.
- The promotesandbox.do call promotes the specified build ID to be the policy scan for the application, as long as that build has had a successful scan.
- The updatesandbox.do call enables you to amend an existing sandbox in the application profile.
Many of the other Veracode XML APIs can pass the sandbox parameter to work with scans and scan results from sandboxes.