Using the Policy REST API

Veracode APIs

You can use the Veracode Policy API to create, update, delete, and read policies. You can also use this API to evaluate an application or a development sandbox against any policy.

This API allows you to assess an application or sandbox against any policy, even one not currently assigned to the application. The response from the policy evaluation shows you why the application is passing or failing policy, including scan frequency requirements and findings that are past their grace period due date.

Permissions and Authentication

Before you can use this API to create or update a policy, you must have one of these account types:

The API provides improved security through HMAC authentication. Therefore, before using this API, you must configure your authentication.

Ensure you access the APIs with the domain for your region.

Policy API Specification

The Policy API specification is available from SwaggerHub.