Troubleshooting APIs and wrappers
This section helps you remedy common problems and understand how better to use Veracode APIs and wrappers.
note
Veracode APIs and integrations require access to specific Region Domains, depending on the region for your Veracode account. Contact your IT team to ensure the correct domains for your region are on the allowlist for your organization. Also, ensure that there is one-way communication on port 443 to the domain for the REST APIs. Refer to the complete list of domains and IP addresses to add to your allowlist.
API or wrapper | Issue | Solution |
---|---|---|
Any API or wrapper | I received an HTTP 401 or Access Denied error. I do not have access to the APIs or I am unsure what kind of access I need. | You must have a Veracode account with the required API roles assigned by your Veracode administrator. Ensure your Veracode API credentials are valid and have not expired. You can generate new credentials in the Veracode Platform. |
Any API | I cannot log in to Veracode when using the APIs. | Ensure you have added the required domains for your Veracode account to the allowlist for your organization. Refer to the complete list of domains and IP addresses to add to your allowlist. Verify that your IP address is in the list or range of addresses in the Allowed IP Addresses field of your user account login settings. If the IP range is set incorrectly, edit the Allowed IP Addresses field to include the IP address of the location of your login. |
Any API | The scan stopped after prescan. | To determine why a scan that started from an API failed after prescan, review the response code returned from beginscan.do . When your script calls beginscan.do , the API returns a status code that confirms the scan successfully started, or provides an error message to explain why the scan did not start. |
Any API | I received cURL error 35. | If you receive the cURL error 35: Unknown SSL protocol error in connection to ... , you need to update your version of cURL. Alternatively, you can pass the option -3 , which forces cURL to use SSL version 3 when negotiating with a remote SSL server. |
Any wrapper | I received a message that displays missing mandatory parameters. | Provide all mandatory parameters in your call. If you do not provide all mandatory parameters, the wrapper returns the missing mandatory parameters in your console. |
Any wrapper | I cannot connect to Veracode through my proxy. | If your organization uses a proxy for outbound connections, provide this information to the wrapper to successfully connect to Veracode. |
Archer API | See Troubleshooting GRC integrations. | |
Dynamic Analysis API | I need to open a support case with Veracode Technical Support. | Provide this information to Veracode Technical Support:
|
Java API wrapper or Veracode Jenkins Plugin | See Troubleshooting CI/CD system integrations. | |
Java API wrapper | I experience a PKIX path building failure when installing the plugin from Eclipse. | Add these lines to the eclipse.ini file in your Eclipse installation directory: -vmargs --Djavax.net.ssl.trustStore="path for cacerts" --Djavax.net.ssl.trustAnchors="path for cacerts" |
Flaw Report API | I see HTTPS status code 204 when I try to call downloadflawreport.do . | If you try to call downloadflawreport.do before generateflawreport.do has completed, you receive HTTP status code 204 to indicate no content is available. Try to download the report at a later time. After an excessively long time, if the Veracode Platform does not return the report, contact Veracode Technical Support. |
Results API | The getappbuilds.do call is slow to deliver information. | Veracode recommends that you use getapplist.do to generate a list of all applications and getbuildlist.do to generate a list of all builds for an application. You can then use getappinfo.do and getbuildinfo.do to retrieve the information about specific applications and builds. |
Upload API | I do not know if the prescan is complete or successful. | To check the prescan results in the Upload API, call getprescanresults.do . |
Upload API | My scan does not complete due to non-fatal errors. | If you want to ensure the scan completes even though there are non-fatal errors such as unsupported frameworks, ensure you use the scan_all_top_level_modules parameter when you use the beginscan.do call. |
Upload API and Integrations | I received a fatal error after prescan, which is preventing my static analysis from starting automatically. | Before the next time your static analysis is scheduled to start automatically, you need to:
|
Any Plugin, Any API | When using either a Veracode plugin, the Veracode API wrappers, or a custom script, I see this returned in the output text: App not in state where new builds are allowed. | This message indicates that a previous static scan did not succeed for the specific application. Log into the Veracode Platform and review the application's current scans to determine if the previous scan did not successfully complete. A previous scan may still be in progress. If a previous scan is still running due to an error, select Delete. You can then use the plugin to submit a new scan request. |
Any Plugin, Any API | I receive an error when an API or integration attempts to access Veracode. | Ensure you have added the required domains for your Veracode account to the allowlist for your organization. Refer to the complete list of domains and IP addresses to add to your allowlist. |