Veracode Greenlight for VS Code
Veracode Greenlight for VS Code finds security defects in your code and provides contextual remediation advice in seconds to help you fix issues directly in your editor. With Veracode Greenlight for VS Code, find issues early, reduce development and remediation costs, and deploy quality code.
Storing Your Veracode API ID and Key
Before you can scan with Veracode Greenlight for VS Code, you need to store your Veracode API ID and key in a local credentials file. If you have trouble generating your Veracode API ID and key, contact your administrator or go to the Veracode Documentation.
Windows Setup Instructions
Generate your Veracode API ID and key on the Veracode Platform.
Run Command Prompt.
2.1. Navigate to your user directory.
cd Users\<your username>
2.2. Create a folder named ".veracode".
md .veracode
Open Visual Studio Code and create a new file.
3.1. Copy and paste the following template into the new file.
[default]
veracode_api_key_id = <Your Veracode API ID>
veracode_api_key_secret = <Your Veracode API Key>
3.2. Replace the ID and key values in the template with your Veracode API ID and key. For example:
[default]
veracode_api_key_id = 0cf16628457bdd1e9a17f31390098fe9
veracode_api_key_secret =
d4d91a1639e01a64804d76d3d24db4f76cd3490da13b816264748d71278bb38c093151dea6befa95aa4b71dbbd7241991e021dcdde369
7ad603320d96e2c4c16
3.3. Save the file as "credentials" with the "Save as type" set to "No Extension".
Return to Visual Studio Code and run a scan.
macOS Setup Instructions
Generate your Veracode API ID and key on the Veracode Platform.
Open Terminal to your home directory (i.e. mac:~ user$).
2.1. Create a directory named ".veracode" (Note: this is a hidden directory).
mkdir .veracode
2.2. Navigate to .veracode.
cd .veracode
2.3. Create a file named "credentials".
touch credentials
2.4. Open Finder to .veracode.
open .
Double click the credentials file to open it in a text editor.
3.1. Copy and paste the following template into the credentials file.
[default]
veracode_api_key_id = <Your Veracode API ID>
veracode_api_key_secret = <Your Veracode API Key>
3.2. Replace the ID and key values in the template with your Veracode API ID and key. For example:
[default]
veracode_api_key_id = 0cf16628457bdd1e9a17f31390098fe9
veracode_api_key_secret =
d4d91a1639e01a64804d76d3d24db4f76cd3490da13b816264748d71278bb38c093151dea6befa95aa4b71dbbd7241991e021dcdde369
7ad603320d96e2c4c16
3.3. Save your changes.
Return to Visual Studio Code and run a scan.
If you followed these instructions and are still unable to scan, contact Veracode Support.
Run a Veracode Greenlight Scan
Scan a file with Veracode Greenlight through any of the following methods:
- Save your file with auto-scan enabled.
- Type **Ctrl + Shift + \ **(Windows) and **⌃ + ⇧ + \ **(macOS).
- Run "Veracode: Scan with Greenlight" from the Command Palette.
- Click the Greenlight
icon in the file toolbar.
- Right-click a file in the Explorer and select "Scan with Greenlight".
View Your Findings
You can view the results of your scans by clicking the 
icon in the Activity Bar or by running Veracode: View Findings from the Command Palette.
With the Veracode extension open, click on a finding to expand the node, then click 
View details to view information about that CWE.
Commands
| Command | Outcome | Shortcut(Windows) | Shortcut(macOS) |
|:--|:---------|:--:|:--:|
Veracode: Scan with Greenlight|Scans the active file with Veracode Greenlight.|Ctrl + Shift + \ | ⌃ + ⇧ +
Veracode: Clear Findings| Clears Veracode Greenlight Findings, Best Practices, and Ignored Findings.||
Veracode: View Findings| Opens Veracode Greenlight for VS Code and expands the Findings view.|||
Veracode: Filter Findings|Opens the Veracode Filters and Settings editor.||
Help and Support
Visit our Veracode Documentation for installation, usage instructions, and help articles such as:
Veracode Support
If you have any questions or need assistance at any time, contact your Veracode Account Manager or support@veracode.com.
Veracode Community
Connect with peers and Veracode subject-matter experts in the Veracode Community.
