Using the Dynamic Analysis REST API

Veracode APIs

You can use the Veracode Dynamic Analysis REST API to automate major dynamic scanning tasks.

This API enables you to programmatically initiate dynamic scanning with the flexibility necessary for incorporating this type of security scanning into your Software Development Life Cycle.

The API endpoints perform these tasks:
  • Create analyses with URL scans
  • Configure analyses and URL scans
  • Schedule and run analyses
  • Link analyses to Veracode application profiles

After completing a dynamic analysis scan, you can use the Findings API to get information on a discovered flaw.

Permissions and Authentication

To be able to use the Veracode Dynamic Analysis REST API, you must have one of these account types:

The API provides improved security through HMAC authentication. Therefore, before using this API, you must first configure your authentication.

Ensure you access the APIs with the domain for your region.

Dynamic Analysis API Specification

The Dynamic Analysis API specification is available from SwaggerHub.

Authentication Errors

To see authentication errors for the Dynamic Analysis REST API, use: