Generate a Software Bill of Materials (SBOM) for Agent-Based Scans with the REST API

Veracode APIs

You can use the SCA Agent REST API to generate a software bill of materials (SBOM) from your Veracode Software Composition Analysis agent-based scan results. The response includes an inventory of all components in your project in CycloneDX JSON format.

Before You Begin

You must have:


  1. Use this command to return the list of GUIDs for your workspaces:

    http --auth-type=veracode_hmac ""
  2. Use this command to return the list of project GUIDs for the workspace:

    http --auth-type=veracode_hmac "{workspaceGuid}/projects?type=agent"
  3. Use this command to return the SBOM containing the SCA agent-based scan results for your project:

    http --auth-type=veracode_hmac "{projectGuid}/cyclonedx?type=agent"

    Setting the type property to agent specifies that the API retrieves data from Veracode SCA agent-based scans. To generate an SBOM for upload scans, follow these instructions.