These use case scenarios provide the Identity REST API commands and payloads for creating a user account and a SAML user account.
Use this command to create a user account:
http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json
The API passes the JSON file that you populate with the necessary
values as shown in this example payload:
{ "email_address":"[email protected]", "first_name":"Example", "last_name":"User", "ip_restricted":false, "active":true, "roles":[ { "role_name":"extseclead" }, { "role_name":"extsubmitanyscan" } ], "title":"Sample", "user_name":"[email protected]", "userType":"VOSP", "teams":[ { "team_id":"teamId" } ] }
Use this command to create a SAML user account:
http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json
The API passes the JSON file that you populate with the necessary
values as shown in this example payload:
{ "email_address":"[email protected]", "first_name":"Example", "last_name":"User", "ip_restricted":false, "active":true, "roles":[ { "role_name":"extseclead" }, { "role_name":"extsubmitanyscan" } ], "title":"Sample", "saml_user":true, "saml_subject":"[email protected]", "user_type":"VOSP" }
For some of the possible user account, API service account, and SAML user roles, you must include one or more of these scan types that the user can submit:
- Any scan type (extsubmitanyscan)
- Static (extsubmitstaticscan)
- Dynamic (extsubmitdynamicscan)
- Manual (extsubmitmanualscan)
When Veracode creates the user account and configures the authentication, it can take up to one minute.
Role Short Name | Role Name | Additional Roles Required |
---|---|---|
sandboxadmin | Sandbox Administrator | |
sandboxuser | Sandbox User | |
workSpaceAdmin | Workspace Administrator | |
workSpaceEditor | Workspace Editor | |
extseclead | Security Lead | Users must have at lease one of these additional roles:
|
extcreator | Creator | Users must have the additional role that matches the type of scan they want to create
and submit:
|
extsubmitter | Submitter |
Users must have the additional role that matches the type of scan they want to submit:
|
extreviewer | Reviewer | |
extmitigationapprover | Mitigation Approver | |
extexecutive | Executive | |
securityinsightsonly | Security Insights | |
securityLabsUser | Security Labs User | |
extadmin | Administrator | Contact Veracode Technical Support to assign this role to a user. |
extpolicyadmin | Policy Administrator | |
extelearn | eLearning | |
teamAdmin | Team Admin | |
greenlightideuser | Greenlight IDE User |