This use case scenario provides the SCA Agent REST API commands to generate a software bill of materials (SBOM) from your Veracode Software Composition Analysis upload scan results. The response includes an inventory of all components in your application in CycloneDX JSON format.
You must have:
- A Veracode account with an SCA-Scan subscription and the Security Lead role
- API credentials
- HMAC authentication enabled
- Completed Veracode SCA upload scans of the application for which you are creating the SBOM. The scans must include either a policy scan or a sandbox scan that you have promoted to a policy scan.