API wrapper parameters
Most actions in the Veracode Java and C# API wrappers expose required or optional parameters. Some parameters apply to every action that the wrapper supports.
The Veracode XML APIs and the wrappers use a different syntax. For the wrappers, the parameter names omit the underscores, the parameter values omit spaces, and some parameters use different names. For example, the parameter app_id in the API is appid in the wrapper and the parameter value Very High in the API is VeryHigh in the wrapper. The parameter business_criticality in the API is criticality in the wrapper. The syntax is not interchangeable and using the wrong syntax causes your command to fail. To ensure you are using the correct syntax, see the documentation provided in the Help directory for each wrapper.
The following table lists the parameters that apply to all actions.
| Parameter | Type | Description |
|---|---|---|
actionRequired | String | Name of the action. |
vid | String | Veracode API ID. |
vkey | String | Veracode API key. |
credprofile | String | Name of the profile in the API credentials file to use for authentication. IMPORTANT: Your command cannot include both the credprofile parameter and the vid/vkey parameters or the command returns an error. |
debug | String | Include to show detailed diagnostic information, which you can use for debugging, in the output. Exclude to not show the diagnostic information. |
inputfilepath | String | Path to a CSV file that contains the parameters to use for the command.You can use inputfilepath to make multiple calls to the API specified by the action. In the CSV file, use one row to specify the parameters for each call. For an example, see createuser.do. |
logfilepath | String | Filepath of the log file where commands save informational and error messages. |
maxretrycount | Integer | Number of times to retry the last request during certain error conditions or when a request times out. Value range is 1 to 5. |
phost | String | Proxy hostname. Do not include the web protocol, such as HTTP or HTTPS, in the proxy hostname. Including the protocol can cause an error. You can also provide a proxy in an environment variable. |
ppassword | String | Proxy password. Required if you include phost. |
pport | String | Proxy port. Required if you include phost. |
puser | String | Proxy username. Required if you include phost. |
failbuild | Boolean | Fails the build if any artifacts of your packaged applications fail to upload. The default is true. |
Proxy environment variable
To provide a proxy host, port, and its credentials in an environment variable:
- Create an environment variable with the name
https_proxy. - For the value, enter the username, password, hostname or IP address, and port. For example:
user1:[email protected]:1234 - Remove all proxy parameters from your command:
phost,ppassword,pport, andpuser. The parameters take precedence over the environment variable.
Java wrapper example
To return a list of applications in the application portfolio of an account, run getapplist with these parameters:
java -jar vosp-api-wrapper-java{version}.jar -action getapplist -vid <Veracode API ID> -vkey <Veracode API key> -phost proxyhost.com -pport 8080 -puser <proxy username> -ppassword <proxy password>
C# wrapper example
To return a list of applications in the application portfolio of an account, run getapplist with these parameters:
VeracodeC#API.exe -action getapplist -vid <Veracode API ID> -vkey <Veracode API key> -phost proxyhost.com -pport 8080 -puser <proxy username> -ppassword <proxy password>
Veracode recommends that you use an external API credentials file to provide your credentials to the Veracode API wrapper. When you use an API credentials file, you can omit the -vid and -vkey parameters for specifying your Veracode API credentials.
To see the required and optional parameters for an action, you can run -action and review the returned text. After reading the returned text, you know which parameters to include in your command.
For example, to return a list of required and optional parameters for createapp.do, run -action createapp.
You replace the parameter values with your Veracode API ID, Veracode API key, application name, and the level of business criticality of the application. See the createapp.do call for more information on the parameters.
Arguments
All parameters require an argument or value. For example, the -criticality parameter requires an argument of VeryHigh, High, Medium, Low, or VeryLow. When you run -action, to see the parameters for an action, you also see the list of arguments under Usage.