Skip to main content

Identity REST API

You can use the Identity API to manage the administrative configuration for your organization that is in the Veracode Platform.

The API provides endpoints for managing users, teams, and business units, using the create, update, read, and delete actions on their respective objects. You can also manage API service accounts, which are also called API users. You can use the API credentials endpoint to get information about API credentials expiration, revoke API credentials, or renew your API credentials.

For some API requests, you must set your updates as incremental or partial. partial=true indicates that you are updating only a subset of properties for an object. incremental=true indicates that you are adding items to a list for an object property, such as adding users to a team.

Permissions and authentication

Before you can use all endpoints of the Identity REST APIs, you must have one of these accounts with the required role:

  • An API service account with the Admin API role.
  • A user account with the Administrator role.

All other API service account and user account roles can access these endpoints:

  • /users/self
  • /users/api_credentials

This API uses API ID/key credentials and HMAC authentication to provide improved security. Before you can send requests, you must complete these configurations:

Ensure you access the APIs with the domain for your region.

Identity API specification

The Identity API specification is available from SwaggerHub.