Create an Authenticated Dynamic Analysis with the REST API

Veracode APIs

You can use the Dynamic Analysis API to create an analysis that uses auto-login, basic authentication, and form-based login with a login script.

Steps

  1. Enter values for the scan_config_request, auth_configuration, and schedule properties in the JSON file.

  2. Run this command:

    http --auth-type=veracode_hmac POST "https://api.veracode.com/was/configservice/v1/analyses" < input.json
    

These are examples of the different types of authentication you can use with a Dynamic Analysis:

Auto-login

{
  "name": "Name-of-Your-Dynamic-Analysis",
  "scans": [
    {
      "scan_config_request": {
        "target_url": {
          "url": "http://www.example.com",
          "http_and_https": true,
          "directory_restriction_type": "DIRECTORY_AND_SUBDIRECTORY"
        },
        "auth_configuration": {
          "authentications": {
            "AUTO": {
              "username": "user",
              "password": "pass",
              "authtype": "AUTO"
            }
          }
        }
      }
    }
  ],
  "schedule": {
    "now": true,
    "duration": {
      "length": 1,
      "unit": "DAY"
    }
  }
}          

Client Certificate

{
  "name": "Name-of-Your-Dynamic-Analysis",
  "scans": [
    {
      "scan_config_request": {
        "target_url": {
          "url": "http://www.example.com",
          "http_and_https": true,
          "directory_restriction_type": "DIRECTORY_AND_SUBDIRECTORY"
        },
        "auth_configuration": {
          "authentications": {
            "CERT": {
              "cert_name": "Cert-name.p12",
              "password": "Password",
              "base64_pkcs12": "<base64 encoded p12 cert>",
              "authtype": "CERT"
            }
          }
        }
      }
    }
  ],
  "schedule": {
    "now": true,
    "duration": {
      "length": 1,
      "unit": "DAY"
    }
  }
}

Basic Authentication

{
  "name": "Name-of-Your-Dynamic-Analysis",
  "scans": [
    {
      "scan_config_request": {
        "target_url": {
          "url": "http://www.example.com",
          "http_and_https": true,
          "directory_restriction_type": "DIRECTORY_AND_SUBDIRECTORY"
        },
        "auth_configuration": {
          "authentications": {
            "BASIC": {
              "username": "username",
              "password": "pass",
              "authtype": "BASIC"
            }
          }
        }
      }
    }
  ],
  "schedule": {
    "now": true,
    "duration": {
      "length": 1,
      "unit": "DAY"
    }
  }
}

Form-Based Login with Login Script

Note: Before adding the crawl script to the API body, you must escape the JSON. If you need assistance, use the JSON escape utility available from https://jsonformatter.org.

{
  "name": "Name-of-Your-Dynamic-Analysis",
  "scans": [
    {
      "scan_config_request": {
        "target_url": {
          "url": "http://www.example.com",
          "http_and_https": true,
          "directory_restriction_type": "DIRECTORY_AND_SUBDIRECTORY"
        },
        "auth_configuration": {
          "authentications": {
            "FORM": {
              "script_file": "example-login-script.side",
              "login_script_data": {
                "script_body": "<escaped JSON>",
                "script_type": "SELENIUM"
              },
              "authtype": "FORM"
            }
          }
        }
      }
    }
  ],
  "schedule": {
    "now": true,
    "duration": {
      "length": 1,
      "unit": "DAY"
    }
  }
}