SCA Agent REST API

You can use the Veracode SCA Agent REST API to programmatically extract high-level workspace information on specific Agent-Based Scanning workspaces or all workspaces to which you have access. You can also filter your workspaces on library, vulnerability, and license.

Permissions and Authentication

Before you can use this API, you must have a user account.

This API uses API ID/key credentials and HMAC authentication to provide improved security. Before you can send requests, you must complete these configurations:

Ensure you access the APIs with the domain for your region.

note

There are two host URLs for the Veracode SCA Agent API. If you use SourceClear API credentials, the host URL is api.sourceclear.io. If you use Veracode API credentials, the host URL is api.veracode.com/srcclr.

Required HTTP Headers

The Veracode SCA Agent API requires that you set these HTTP headers in the REST requests:

accept-encoding: gzip
user-agent: a value of your choice. Veracode recommends a company name, email domain, or application name.

Veracode SCA Agent API Specification

The API specification is available on SwaggerHub.

Permissions and Authentication​

Required HTTP Headers​

Veracode SCA Agent API Specification​

Permissions and Authentication

Required HTTP Headers

Veracode SCA Agent API Specification