You can use the Crashtest Security API to do the following:
- Create and delete a project.
- Start and stop a scan.
- Retrieve the status and findings for a scan.
Refer to the complete documentation for this API.
Permissions and authentication
Before you can use this API, you must have:
- A Crashtest user account with the Team Admin or Security Engineer role.
- An API key. The API key is attached to your user account and has the same permissions as your assigned role. You can request an API key from Crashtest Support.
You add the API key as either a
Header attribute or a
GET parameter in the URL of your request. For details, see
AUTHORIZATIONS in the API specification. The API key for Crashtest is separate from the Veracode API credentials you use with other Veracode products.
Crashtest Security API specification
The Crashtest Security API specification is available from SwaggerHub.