API Scanning requires the absolute, or base, URL at which the API you want to scan is hosted. It checks for this URL when you upload an API specification to the Veracode Platform. If API Scanning cannot determine this URL from the uploaded specification, you see an error with a field to enter the fully-qualified URL. Enter the base URL for your API.
If you do not know the base URL for your API, contact the development team that provided the specification file.
After adding a base URL, Veracode treats the value as a
url entry in the OpenAPI
servers list, as explained in the OpenAPI 3 Documentation. Ensure your value includes any base path. For example, if an API has entry points under
/v1/pets, it must also have that path in the absolute URL: