Rejecting a Mitigation with the Annotations API

Veracode APIs

Use this command to reject a mitigation proposal, with a comment, for an application with two findings:

http --auth-type=veracode_hmac POST "https://api.veracode.com/appsec/v2/applications/{application_guid}/annotations" < input.json

You can use the Applications API to get the GUID for an application.

The API passes the JSON file that you populate with the necessary values as shown in this example payload:

{
  "issue_list": "1,2",
  "comment": "This is my comment",
  "action": "REJECTED"
}
Name Type Description
issue_list
Required
String Comma-separated list of finding IDs. You can use the Findings API to get a list of finding IDs for an application.
comment
Required
String Enter a brief comment about the findings for issue_list.