Link Dynamic Analysis Results to an Application with the REST API
You can use the Dynamic Analysis API to link analysis scan results to a Veracode application profile.
Linking results allows you to aggregate all scan types of the target URL into a single report and also evaluate the results against policy.
To complete this task:
Run this command to get a list of application profiles by name:
http --auth-type=veracode_hmac GET "https://api.veracode.com/was/configservice/v1/platform_applications"
You can also get application details by making a GET call to the Applications API.
Locate the application UUID and add the UUID to the
linked_platform_app_uuid
property in your JSON file.Run this command to create an analysis that links the results to the specified UUID for your application:
http --auth-type=veracode_hmac POST "https://api.veracode.com/was/configservice/v1/analyses" < input.json
The API passes the JSON file that you populate with the necessary values as shown in this example payload:
{
"name": "Name-of-Your-Dynamic-Analysis",
"scans": [
{
"linked_platform_app_uuid": "abcd1234-e6d0-475d-ac70-abff5388fa75",
"scan_config_request": {
"target_url": {
"url": "http://www.example.com/",
"http_and_https": true,
"directory_restriction_type": "DIRECTORY_AND_SUBDIRECTORY"
}
}
}
],
"schedule": {
"now": true,
"duration": {
"length": 1,
"unit": "DAY"
}
}
}In this example,
linked_platform_app_uuid
specifies the UUID of the application profile to link to the scan results.target_url
specifies the URL configuration for the target web application you want to scan.