Mitigation and Comments XML API

The Mitigation and Comments API enables you to integrate comments on findings and mitigation workflow tasks into IDEs and bug tracking systems.

You can mitigate a finding, accept or reject a mitigation action, or comment on a proposed mitigation. In addition, you can view all comments and mitigation actions any user has performed on a finding.

To learn how to use the Mitigation and Comments API, see the tutorial.

REST API equivalent

The REST API equivalents of these calls are available with the Annotations API and the Findings API. We recommend that you use the REST APIs. For new integrations, always use the REST APIs.

Permissions

Before you can use this API, you must have one of the following accounts with the required roles:

  • An API user account with the Mitigation API role.
  • A UI user account with one of the following roles:
    • Reviewer or Security Lead: to view all actions performed on a finding, to submit proposed mitigations, or to comment on proposed mitigations.
    • Mitigation Approver and either Reviewer or Security Lead: to accept or reject proposed mitigations.

Authentication

This API requires secure authentication to Veracode.