Skip to main content

Getting Started with the CLI

You use the Veracode CLI to run security scans of development containers. The CLI helps developers prevent comprehensive exploits before runtime and provides visibility into their container pipeline security posture.


Before you can install and use the Veracode CLI, you must have:

  • One of these operating systems:

    • MacOS (Intel, M1 or M2)
    • Linux (Intel)
  • A Veracode account with API credentials.

Install or Upgrade the CLI

To install or upgrade the CLI in your current working folder, run the following command:

curl -fsS | sh

When the installation completes, this message appears: The Veracode CLI is now installed!

Add Your Credentials

You can configure your API credentials as environment variables or store them with the CLI.

Configure Credentials as Environment Variables

To set your API credentials as environment variables, set the VERACODE_API_KEY_ID and VERACODE_API_KEY_SECRET variables to your Veracode API credentials. For example:

export VERACODE_API_KEY_ID={apiId}
export VERACODE_API_KEY_SECRET={apiSecretKey}

Add Credentials to the CLI

  1. To configure the CLI, run the following command:

    ./veracode configure
  2. At the prompt, enter the API ID and secret key you generated in the Veracode Platform.

    If you set your credentials as environment variables, the Veracode CLI pre-populates these fields.

Test the Installation

To confirm that you have successfully installed the CLI, run the following test scan:

./veracode scan --source alpine:latest --type image