How to integrate Checkmarx account?

Overview

To authenticate with Checkmarx (SAST/SCA), you will need the following information:

• Checkmarx Server URL (your instance URL)
• Client ID
• Client Secret
• Tenant Name (for Checkmarx One/Cloud)

Step 1: Login to Checkmarx Console

1. Sign in to your Checkmarx instance:
   • Checkmarx One/Cloud: https://<region>.checkmarx.net
2. Ensure you have Administrator or API User role

Step 2: Create OAuth Client (Checkmarx One/Cloud)

For Checkmarx One Platform

1. Navigate to Settings → Identity and Access Management

2. Select OAuth Clients tab

3. Click Create OAuth Client

4. Fill in the following details:

   Client Configuration:

   • Client Name: Enter a descriptive name (e.g., "Unizo Integration")
   • Description: Add integration purpose
   • Grant Type: Select Client Credentials

5. Set Permissions/Roles:

   Available Roles:

   • ast-scanner: Submit scans and view results
   • ast-viewer: Read-only access to scan results
   • ast-admin: Full administrative access
   • sca-scanner: SCA scan operations
   • api-access: General API access

   Recommended for Vulnerability Management:

   • Minimum: ast-viewer for read-only access
   • Full integration: ast-scanner + sca-scanner

6. Click Create

Step 3: Copy OAuth Credentials

After creation, Checkmarx will display:

1. Client ID: Unique identifier for your client
2. Client Secret: Secret key for authentication

Important:

• Copy both values immediately - Client Secret is shown only once
• Store them securely in a secrets manager
• If lost, you must regenerate credentials

Step 4: Determine Your API Endpoints

Your API endpoints depend on your Checkmarx deployment:

Checkmarx One (Cloud):

• US: https://us.api.checkmarx.net
• EU: https://eu.api.checkmarx.net
• ANZ: https://anz.api.checkmarx.net
• IAM: https://iam.checkmarx.net (for authentication)