Skip to main content

Applications REST API

You can use the Applications API to quickly access information about your Veracode applications.

The Applications API endpoint provides access to all the applications in your portfolio, as well as application-related data, such as sandboxes and policy evaluations. You can use the Applications API with other REST APIs to simplify common reporting and dashboarding scenarios, enabling you to get the latest data for each application with a single call. You can also access historical state-change information on findings and use HMAC authentication to improve API security.

You can combine queries in your requests using & to perform multiple actions at the same time. For example:

http --auth-type=veracode_hmac "https://api.veracode.com/appsec/v1/applications?policy_compliance=DID_NOT_PASS&modified_after=2020-02-28"

Permissions and authentication

You must have an API service account or a user account with the Creator or Security Lead role.

This API uses API ID/key credentials and HMAC authentication to provide improved security. Before you can send requests, you must complete these configurations:

Ensure you access the APIs with the domain for your region.

Applications API specification

The Applications API specification is available from SwaggerHub.