Skip to main content
Skip table of contents


What is Veracode?

Veracode is an application security platform. It includes Veracode Static Analysis that provides automated feedback to your developers in the IDE and CI/CD pipeline, Veracode Dynamic Analysis that scans runtime applications, and Veracode software Composition Analysis (SCA) that identifies risks from open-source libraries.

Why Should You Use the Veracode Connector?

The Veracode connector provides visibility into the assets in your environment. You can use this visibility to:

  • ensure assets are managed per your security policies

  • derive relationships between assets, users, applications, and data

How Does This Connector Work?

Lucidum executes read-only requests to the Veracode REST API and ingests only meta-data about Veracode devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum





The URL for the Veracode API.

Client ID

Client ID for a Veracode account with read access.


Client Secret

The client secret for the Veracode account.


Verify SSL.

For future use.


Source Documentation

Creating Credentials

Contact your Lucidum Sales Representative for help with creating credentials.

  1. Log in to the Veracode Platform.

  2. From the user account dropdown menu, select API Credentials.

  3. Click Generate API Credentials.

  4. Copy the client ID and secret key to a secure place. The creation of new credentials revokes any old credentials after 24 hours.

Required Permissions

Contact your Lucidum Sales Representative for help with permissions.

  • Read access for applications

  • Read access for Findings

API Documentation

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.