SCA Agent REST API
You can use the Veracode SCA Agent REST API to programmatically extract high-level workspace information on specific Agent-Based Scanning workspaces or all workspaces to which you have access. You can also filter your workspaces on library, vulnerability, and license.
Permissions and Authentication
Before you can use this API, you must have a user account.
This API uses API ID/key credentials and HMAC authentication to provide improved security. Before you can send requests, you must complete these configurations:
Ensure you access the APIs with the domain for your region.
There are two host URLs for the Veracode SCA Agent API. If you use SourceClear API credentials, the host URL is api.sourceclear.io
. If you use Veracode API credentials, the host URL is api.veracode.com/srcclr
.
Required HTTP Headers
The Veracode SCA Agent API requires that you set these HTTP headers in the REST requests:
accept-encoding: gzip
user-agent
: a value of your choice. Veracode recommends a company name, email domain, or application name.
Veracode SCA Agent API Specification
The API specification is available on SwaggerHub.