Creating User and SAML User Accounts with the Identity API

These use case scenarios provide the Identity REST API commands and payloads for creating a user account or a SAML user account.

Use this command to create a user account:

http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json

The API passes the JSON file that you populate with the necessary values as shown in this example payload:

{
   "email_address":"[email protected]",
   "first_name":"Example",
   "last_name":"User",
   "ip_restricted":false,
   "pin_required": true,
   "active":true,
   "roles":[
      {
         "role_name":"extseclead"
      },
      {
         "role_name":"extsubmitanyscan"
      }
   ],
   "title":"Sample",
   "user_name":"[email protected]",
   "userType":"VOSP",
   "teams":[
      {
         "team_id":"teamId"
      }
   ]
}

Use this command to create a user account with SAML sign-on:

http --auth-type=veracode_hmac POST "https://api.veracode.com/api/authn/v2/users" < input.json

The API passes the JSON file that you populate with the necessary values as shown in this example payload:

{
   "email_address":"[email protected]",
   "first_name":"Example",
   "last_name":"User",
   "ip_restricted":false,
   "active":true,
   "roles":[
      {
         "role_name":"extseclead"
      },
      {
         "role_name":"extsubmitanyscan"
      }
   ],
   "title":"Sample",
   "saml_user":true,
   "saml_subject":"[email protected]",
   "user_type":"VOSP"
 }

For some roles, you must include one or more of these scan types that the user can submit:

extsubmitanyscan: any scan type
extsubmitstaticscan: Static Analysis
extsubmitdynamicscan: Dynamic Analysis
extsubmitmanualscan: Manual Penetration Testing

When Veracode creates the user account and configures the authentication, it can take up to one minute.

Role Short Name	Role Name	Additional Roles Required
`deletescans`	Delete Scans	`extseclead` or `extcreator`
`sandboxadmin`	Sandbox Administrator
`sandboxuser`	Sandbox User
`workSpaceAdmin`	Workspace Administrator
`workSpaceEditor`	Workspace Editor
`extseclead`	Security Lead	Users must have at lease one of these additional roles: `extsubmitmanualscan`, `extsubmitstaticscan`, `extsubmitdynamicscan`, `extsubmitdynamicanalysis`, `extsubmitdynamicmpscan`, `extsubmitanyscan`, `extsubmitdiscoveryscan`
`extcreator`	Creator	Users must have the additional role that matches the type of scan they want to create and submit: `extsubmitmanualscan`, `extsubmitstaticscan`, `extsubmitdynamicscan`, `extsubmitdynamicanalysis`, `extsubmitanyscan`, `extsubmitdynamicmpscan`, `extsubmitdiscoveryscan`
`extsubmitter`	Submitter	Users must have the additional role that matches the type of scan they want to submit: `extsubmitmanualscan`, `extsubmitstaticscan`, `extsubmitdynamicscan`, `extsubmitdynamicanalysis`, `extsubmitanyscan`, `extsubmitdynamicmpscan`, `extsubmitdiscoveryscan`
`extreviewer`	Reviewer
`extmitigationapprover`	Mitigation Approver
`extexecutive`	Executive
`securityinsightsonly`	Security Insights
`securityLabsUser`	Security Labs User
`extadmin`	Administrator	Contact Veracode Technical Support to assign this role to a user.
`extpolicyadmin`	Policy Administrator
`extelearn`	eLearning
`teamAdmin`	Team Admin
`greenlightideuser`	Greenlight IDE User