You must have the Security Lead, Workspace Administrator, or
Workspace Editor role
to link projects to
Linking a project to an application sends the inventory of that project to the
application profile, allowing the application profile to reflect all libraries and
vulnerabilities found through agent-based scans.
You can link multiple projects to an application. If you want to link one project to
multiple applications, you need to scan that project under multiple workspaces, then link
each instance of that project to a different application.
To include agent-based results in the policy evaluation for your application, you
must perform at least one upload scan of the application before linking an
agent-based scanning project to the application.
To extract findings from linked projects using an API, Veracode recommends you use
the Findings REST API.
To link a project to an application: