Skip to main content

Creating an OAuth Client for Checkmarx One Integrations

You can create an OAuth Client by logging in to Checkmarx One and creating a new client.

Logging in to Checkmarx One

To Log in to Checkmarx One:

  1. Open the URL for your environment.

  2. Log in to your Checkmarx One account by entering your Tenant Account, Username and Password.

    Notice

    To create an OAuth Client, you need to be signed in as an admin user.

Creating an OAuth Client

Creating_a_New_OAuth_Client_1.gif

GIF - How to create an OAuth Client

To create an OAuth Client:

  1. Log in to Checkmarx One and click on Settings Settings.png > Identity and Access Management in the Menu panel.

    SettingsMGMT.png
  2. In the Identity and Access Management console, click OAuth Clients and then click Create Client.

    Image_1038.png
  3. In the Client ID field, enter a descriptive name for Client, and then click Create client.

    Image_379.png

    The Client Settings screen is shown.

    Image_380.png
  4. Copy the Client ID for use in the plugin configuration.

  5. Click on the Regenerate button to generate the Secret,

  6. In the dialog that opens, copy the Secret for use in the plugin configuration, and then click Ok to close the dialog

    Image_1039.png
  7. You can optionally adjust the Settings as follows:

    • Name - Specify the name that will be displayed for this Client.

    • Other - Enter additional information about this Client.

    • Description - Enter a description of this Client.

    • Expiration period - Specify the period of time until the key expires. The value can be from 30 to 365 days.

      Notice

      If an administrator set the default expiration period to be "enforced", then this field will be locked.

    • Days before notification - Specify the number of days before the Client will expire that notifications will start being sent. Notifications will be sent on a daily basis from the day on.

    • Notification emails - Enter emails of each recipient who you would like to receive notifications regarding expiration of the key. After entering each email, click Add. By default the email of the current user is included.

  8. Under Groups, you can optionally assign groups to the Client.

    For more information, refer to Groups.

  9. Under Role Mapping > CxONE roles, search for either ast-admin or ast-scanner and click Add in the relevant row to add the role to the client.

    Oauth_Clients_Role_Mapping3.png
  10. Click Save Client.