Creating an OAuth Client for Checkmarx One Integrations

You can create an OAuth Client by logging in to Checkmarx One and creating a new client.

Logging in to Checkmarx One

To Log in to Checkmarx One:

Open the URL for your environment.
Checkmarx One Server Base URLs
US Environment - https://ast.checkmarx.net
US2 Environment - https://us.ast.checkmarx.net
EU Environment - https://eu.ast.checkmarx.net
EU2 Environment - https://eu-2.ast.checkmarx.net
DEU Environment - https://deu.ast.checkmarx.net
Australia & New Zealand – https://anz.ast.checkmarx.net
India - https://ind.ast.checkmarx.net
Singapore - https://sng.ast.checkmarx.net
Log in to your Checkmarx One account by entering your Tenant Account, Username and Password.
Notice
To create an OAuth Client, you need to be signed in as an admin user.

Creating an OAuth Client

GIF - How to create an OAuth Client

To create an OAuth Client:

Log in to Checkmarx One and click on Settings > Identity and Access Management in the Menu panel.
In the Identity and Access Management console, click OAuth Clients and then click Create Client.
In the Client ID field, enter a descriptive name for Client, and then click Create client.
The Client Settings screen is shown.
Copy the Client ID for use in the plugin configuration.
Click on the Regenerate button to generate the Secret,
In the dialog that opens, copy the Secret for use in the plugin configuration, and then click Ok to close the dialog
You can optionally adjust the Settings as follows:
- Name - Specify the name that will be displayed for this Client.
- Other - Enter additional information about this Client.
- Description - Enter a description of this Client.
- Expiration period - Specify the period of time until the key expires. The value can be from 30 to 365 days.
  Notice
  If an administrator set the default expiration period to be "enforced", then this field will be locked.
- Days before notification - Specify the number of days before the Client will expire that notifications will start being sent. Notifications will be sent on a daily basis from the day on.
- Notification emails - Enter emails of each recipient who you would like to receive notifications regarding expiration of the key. After entering each email, click Add. By default the email of the current user is included.
Under Groups, you can optionally assign groups to the Client.
For more information, refer to Groups.
Under Role Mapping > CxONE roles, search for either ast-admin or ast-scanner and click Add in the relevant row to add the role to the client.
Click Save Client.