Checkmarx SCA (REST) API - Scan Recalculation
This API is used for running a Scan Recalculation on an existing project. This is done by taking the dependencies identified in a previous scan and re-assessing the risks affecting your project based on the current data. There is no need to resubmit the source code in order to run scan recalculation since it uses the dependency resolution output from the previous scan. Any state changes or comments that have been made since the last scan are implemented when you run a scan recalculation on the project.
Warning
This API does not run a full SCA scan of your project. To run a full SCA scan, use the Scan Upload endpoints.
Notice
This API is supported both for Checkmarx One and SCA standalone accounts.
Scan Recalculation URLs
Checkmarx One
The following base URLs are used for these APIs, depending on your environment:
US Environment - https://ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
US2 Environment - https://us.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
EU Environment - https://eu.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
EU2 Environment - https://eu-2.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
DEU Environment - https://deu.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
Australia & New Zealand - https://anz.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
India - https://ind.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
Singapore - https://sng.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
UAE - https://mea.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate
Checkmarx SCA Standalone
US Environment - https://api-sca.checkmarx.net/scan-runner/scans/recalculate
EU Environment - https://eu.api-sca.checkmarx.net/scan-runner/scans/recalculate
Workflow
1. Create a project, run a scan, and review and triage the results.
2. Use POST /package-vulnerabilities and/or POST /package-supply-chain-risks to change the states and add comments for specific vulnerabilities and supply chain risks.
3. Use this API to run scan recalculation.
Warning
Management of Risk changes don't take effect until either a scan recalculation is done or a new scan is run on the project. For Checkmarx One users, scan recalculation is done using the API described here.
POST Run scan recalculation
Description
Run scan recalculation on a project. The success response returns the scanId, which can be used to retrieve the results from the recalculated scan.
Media Type (header)
Authorization: Bearer <access_token>
Accept: application/json
Curl Sample
curl --request POST \
  --url 'https://api-sca.checkmarx.net/scan-runner/scans/recalculate' \
  --header 'Authorization: Bearer <access_token>' \
  --header 'Accept: text/plain, application/json, text/json' \
  --header 'Content-Type: multipart/form-data' \
  --form projectId=8a9e6629-7544-478a-a8b0-92e6f6894bb0
Parameters
Body Parameter - Required
Format: multipart/form-data
Parameter | Type | Description |
---|---|---|
projectId | string | Specify the unique identifier of the project on which you would like to run the scan recalculation. |
Success Response
Message: Accepted
Attributes:
Attribute | Type | Description |
---|---|---|
scanId | string | The unique identifier of the scan that was generated by the recalculation. |
Error Response
Message: |
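The request described above, as an added Python example that is not part of the Checkmarx documentation: it builds the multipart POST, sends the bearer token only to base URLs listed on this page, and extracts the scanId. The environment keys (`cxone-us`, `sca-us`, ...), the function names, the UUID check on projectId and the JSON shape of the success body are assumptions.

```python
import json
import re
import urllib.request
import uuid

# Base URLs copied from this page (a subset; add the other regions as needed).
BASE_URLS = {
    "cxone-us": "https://ast.checkmarx.net/api/sca/scan-runner/scans/recalculate",
    "cxone-eu": "https://eu.ast.checkmarx.net/api/sca/scan-runner/scans/recalculate",
    "sca-us": "https://api-sca.checkmarx.net/scan-runner/scans/recalculate",
    "sca-eu": "https://eu.api-sca.checkmarx.net/scan-runner/scans/recalculate",
}


def build_recalculate_request(env, project_id, access_token):
    """Build (but do not send) the multipart POST for a scan recalculation."""
    url = BASE_URLS[env]  # KeyError on unknown env: token only goes to listed hosts
    # Assumption: project IDs are UUIDs, as in the page's curl sample.
    project_id = str(uuid.UUID(project_id))  # ValueError if malformed
    if not access_token or re.search(r"\s", access_token):
        raise ValueError("access token is empty or contains whitespace")
    boundary = uuid.uuid4().hex
    body = (
        f"--{boundary}\r\n"
        'Content-Disposition: form-data; name="projectId"\r\n\r\n'
        f"{project_id}\r\n"
        f"--{boundary}--\r\n"
    ).encode("ascii")
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Accept": "application/json",
        "Content-Type": f"multipart/form-data; boundary={boundary}",
    }
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def parse_scan_id(status, body):
    """Return scanId from a success response; raise on anything else."""
    if not 200 <= status < 300:
        raise RuntimeError(f"recalculation not accepted: HTTP {status}")
    # Assumption: the body is a JSON object carrying the documented scanId.
    scan_id = json.loads(body).get("scanId")
    if not isinstance(scan_id, str) or not scan_id:
        raise RuntimeError("success response carried no scanId")
    return scan_id


def recalculate(env, project_id, access_token):
    """Send the request and return the scanId of the recalculated scan."""
    req = build_recalculate_request(env, project_id, access_token)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return parse_scan_id(resp.status, resp.read())
```

Read the access token from a secret store or environment variable in the caller, so it does not appear in shell history or the process list as it would on a curl command line.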