Skip to main content

Configuring Plugins

Configuring the CxCLI Plugin to work with SCA Agent

  1. Install and run SCA Agent, as described in Getting Started with the Checkmarx SCA Agent and Managing the SCA Agent. You now have a private URL similar to the following:
  2. Install a Checkmarx plugin. This example demonstrates the CxCLI plugin. To download, go to and choose CLI.

    For detailed instructions, see CLI Plugin Overview (Support for Checkmarx SCA).

  3. Use the following command line arguments for the Authentication Server and API, specifying the URL from step 1:

    • -ScaApiUrl (URL of the Checkmarx SCA API endpoint)

    • -ScaAccessControlUrl (URL of the Access Control server used to log in to Checkmarx SCA)

    See the following sample:

    ./ ScaScan -scaaccount Account -scausername username -scapassword XXXXX -projectname ScaProject -locationType Folder -ScaLocationPath /path/to/code -ScaApiUrl -ScaAccessControlUrl

    Alternatively, the config/ file can be edited with the following lines:
  4. Run the scan from the plugin. The SCA Agent scans the source code.


If the plugin environment is connected to the Checkmarx SCA Cloud, it is not necessary to specify the SCA Agent URL in the configuration. However, if the plugin environment has no access to the Internet or to the Checkmarx SCA Cloud, for example, the environment is behind a firewall, you can use SCA Agent as a centralized location for authentication, and it will proxy the request to the Checkmarx SCA Cloud.

Configuring the Jenkins Plugin to work with SCA Agent

The configuration for the Jenkins Plugin is similar to the one for the CxCLI, described above.

Replace the URL’s as in the picture below: