Using the Findings REST API

Veracode APIs

The Veracode Findings API enables you to access information about open and mitigated findings associated with applications and development sandboxes.

This API supports Static Analysis, Dynamic Analysis, Manual Penetration Testing, and Software Composition Analysis findings.

Note: You cannot get SCA findings in combination with other finding types.

The Findings API simplifies common reporting scenarios, such as obtaining the latest data for each application and accessing historical state-change information on findings.

Permissions and Authentication

Before you can use all the endpoints of the Findings API, you must have one of these account types:

The API provides improved security through HMAC authentication. Therefore, before using this API, you must configure your authentication.

Ensure you access the APIs with the domain for your region.

Findings API Specification

The Findings API specification is available from SwaggerHub.