- Checkmarx Documentation
- Checkmarx SAST
- SAST API Guide
- CxSAST (SOAP) API
- Mapping SOAP to REST
Mapping SOAP to REST
This section is designed to be used as a basic summary of SOAP to REST API mapping. SOAP APIs are grouped according to their product area and each API has a direct link to the relevant API documentation. Mapping for each SOAP API and it's related REST API is also indicated. Additional information is also provided. It is also highly important to see, New REST APIs and Authentication Methods – Upgrade Implications.
Group | SOAP API | REST API | Additional Information |
---|---|---|---|
Login | POST /auth/login | SOAP cookie-based login replaced with a REST Token: Token-based Authentication / Login using OAuth 2.0. | |
Logout LoginWithToken SsoLogin | See above | See above | |
Projects | IsValidProjectName | Replaced with GET /projects.CxSAST (REST) API v2.1 | |
GET /projectsCxSAST (REST) API v2.1 | Get details of all projects. | ||
GET /projects/{id}CxSAST (REST) API v2.1 | Get details of a specific project. | ||
GET /sast/presetsCxSAST (REST) API v1 | Get details of all presets. | ||
UpdateProjectConfiguration | PUT /projects/{Id}CxSAST (REST) API v2.1 | Update specific project’s details. Parameters include - name, owningTeam and customFields (Id and value). | |
GET /customFieldsCxSAST (REST) API v1 | Get details of all custom fields. | ||
POST /sast/scanSettingsCxSAST (REST) API v1 | Define specific project’s scan settings. Parameters include - presetId, engineConfigurationId, postScanActionId and emailNotifications (beforescan, failedScans, afterScans). | ||
PUT /projects/{id}/sourceCode/excludeSettingsCxSAST (REST) API v1 | Set a specific project's exclude folders/files settings. Parameters include - excludeFoldersPattern and excludeFilesPattern. | ||
PUT /sast/project/{projectId}/schedulingCxSAST (REST) API v1 | Define specific project’s scan scheduling settings. Parameters include -scheduleType and scheduleDays. | ||
POST /projects/{id}/issueTrackingSettings/jiraCxSAST (REST) API v1 | Set a specific project’s Jira issue tracking system settings. Parameters include - issueTrackingSystemId, jiraProjectId, issueType, field Ids and values. | ||
POST /projects/{id}/dataRetentionSettingsCxSAST (REST) API v1 | Set a specific project’s data retention settings. Parameters include - scansToKeep. | ||
GET /sast/engineConfigurationsCxSAST (REST) API v1 | Get details of all engine configurations. | ||
DELETE /projects/project{Id}CxSAST (REST) API v2.1 | Delete a specific project. Parameters include - deleteRunningScans (true/false). | ||
POST /projects/{id}/branchCxSAST (REST) API v1 | Create a specific project’s branch. Parameters include - name. | ||
GET /sast/scansCxSAST (REST) API v1 | Get all scans for a specific project. | ||
GET /projects/{id}CxSAST (REST) API v1 | Gets details of all projects. Returns wide-ranging project information - owning team, latest scan, all project scans, scan settings and custom fields. | ||
GET /customFieldsCxSAST (REST) API v1 | Get details of all custom fields. | ||
PUT /projects/{id}CxSAST (REST) API v1 | Update an existing project’s details. Parameters include – name, owningTeam and customFields (id and value). | ||
Scans | POST /sast/scanSettingsCxSAST (REST) API v1 | Define a specific project’s scan settings. Parameters include - presetId, engineConfigurationId, postScanActionId and emailNotifications (beforescan, failedScans, afterScans). | |
POST /projects/{Id}/sourceCode/attachmentsCxSAST (REST) API v1 | Upload a specific project’s zip file (contains the source code for scanning). Parameters include - zippedSource. | ||
POST /projects/{Id}/sourceCode/remoteSettings/gitCxSAST (REST) API v1 | Set a specific project’s remote source settings for GIT. Parameters include - url, branch and privateKey. | ||
GET /projects/{Id}/sourceCode/remoteSettings/gitCxSAST (REST) API v1 | Get a specific project’s remote source settings for GIT. | ||
POST /projects/{Id}/sourceCode/remoteSettings/git/sshCxSAST (REST) API v1 | Set a specific project’s remote source settings for GIT using SSH. Parameters include - url, branch and privateKey. | ||
POST /projects/{Id}/sourceCode/remoteSettings/svnCxSAST (REST) API v1 | Set a specific project’s remote source settings for SVN. Parameters include - url, absoluteUrl, port, paths and credentials (username, password and privateKey). | ||
GET /projects/{Id}/sourceCode/remoteSettings/svnCxSAST (REST) API v1 | Get a specific project’s remote source settings for SVN. | ||
POST /projects/{Id}/sourceCode/remoteSettings/svn/sshCxSAST (REST) API v1 | Set a specific project’s remote source settings for SVN using SSH. Parameters include - absoluteUrl, port, paths and privateKey. | ||
POST /projects/{Id}/sourceCode/remoteSettings/tfsCxSAST (REST) API v1 | Set a specific project’s remote source settings for TFS. Parameters include - credentials (username and password), url, absoluteUrl, port and paths. | ||
GET /projects/{Id}/sourceCode/remoteSettings/tfsCxSAST (REST) API v1 | Get a specific project’s remote source settings for TFS. | ||
POST /projects/{Id}/sourceCode/remoteSettings/perforceCxSAST (REST) API v1 | Set a specific project’s remote source settings for Perforce. Parameters include - credentials (username and password), url, absoluteUrl, port, paths and browseMode. | ||
GET /projects/{Id}/sourceCode/remoteSettings/perforce | Get a specific project’s remote source settings for Perforce. | ||
POST /projects/{Id}/sourceCode/remoteSettings/shared | Set a specific project’s remote source settings for a shared repository. Parameters include – paths and credentials (username and password). | ||
GET /projects/{Id}/sourceCode/remoteSettings/sharedCxSAST (REST) API v1 | Get a specific project’s remote source settings for a shared repository. | ||
POST /projects/{Id}/sourceCode/remoteSettings/customCxSAST (REST) API v1 | Set a specific project’s remote source settings for a custom repository (e.g., source pulling). Parameters include – paths and credentials (username and password). | ||
GET /projects/{Id}/sourceCode/remoteSettings/customCxSAST (REST) API v1 | Get a specific project’s remote source settings for a custom repository (e.g., source pulling). Parameters include – paths, preScanCommandId and credentials (username and password). | ||
POST /sast/scansCxSAST (REST) API v1 | Create a new scan and assign it to a specific project. Parameters include – isIncremental, isPublic, forceScan and comment. | ||
DELETE /sast/scans/{id}CxSAST (REST) API v1 | Delete a specific scan. | ||
PATCH /sast/scansQueue/{id}CxSAST (REST) API v1 | Cancel a specific scan while still in the queue. Parameters include - status (cancelled). | ||
POST /sast/scanSettingsCxSAST (REST) API v1 | Define a specific project’s scan settings. Parameters include - presetId, engineConfigurationId, postScanActionId and emailNotifications (beforescan, failedScans, afterScans). | ||
PATCH /sast/scans/{id}CxSAST (REST) API v1 | Add a comment to a specific scan. Parameters include - comment. | ||
ScanWithOriginName | POST /sast/scansCxSAST (REST) API v1 | Custom name added to CxOrigin in the POST /sast/scans header.CxSAST (REST) API v1 | |
ScanWithScheduling | Merged with ScanWithSchedulingWithCron. | ||
PUT /sast/project/{projectId}/schedulingCxSAST (REST) API v1 | Define specific project’s scan scheduling settings. Parameters include - scheduleType and scheduleDays. | ||
GET /sast/scans/{id}CxSAST (REST) API v1.1 | Get details of a specific scan. Returns status and stage of the scan. | ||
GET /sast/scanSettings/{projectId}CxSAST (REST) API v1 | Get a specific project’s scan settings. Returns preset and engine configuration of the scan. | ||
GET /sast/scansQueueCxSAST (REST) API v1 | Get details of all scans in the scans queue. Returns wide-ranging scan information (e.g., stageDetails, engineId, languages, teamId, loc, origin, queuePosition, isIncremental, isPublic, origin, creation date, etc..). | ||
GET sast/scans?scanStatus={status}CxSAST (REST) API v1 | Get all scans with a specific scan status (Scanning, Finished, Canceled or Failed). | ||
GET /sast/scans?last={numberOfLastScans}CxSAST (REST) API v1 | Get all scans according to number of last scans. | ||
GET /sast/scansCxSAST (REST) API v1.1 | Get all scans. | ||
GET /sast/scansQueue/{Id}CxSAST (REST) API v1.1 | Get details of a specific scan in the scans queue. | ||
GetScanSummary | GET /sast/scansCxSAST (REST) API v1.1 | Get all scans. Enhanced API with detailed scan information similar to SOAP. | |
GetScansDisplayDataForAllProjects | GET /sast/scansCxSAST (REST) API v1.1 | Get all scans. Enhanced API with detailed scan information similar to SOAP. Get the last scan of a project. | |
Get sast/scans/{id}/resultsStatisticsCxSAST (REST) API v1 | Get statistic results for a specific scan. Returns summary of results (by severity). Result is also available as a link in the GET /sast/scans resource.CxSAST (REST) API v1.1 | ||
Get /sast/scans?projectId={projectId}&Last={number}CxSAST (REST) API v1 | Get the last scan of a specific project. | ||
Scan Reports | POST /reports/sastScanCxSAST (REST) API v1 | Generate a new scan report. | |
GET /reports/sastScan/{Id}/statusCxSAST (REST) API v1 | Get the status of a generated report. | ||
GET /reports/sastScan/{Id}CxSAST (REST) API v1 | Get the specific report once generated. | ||
Managing Users | For future release | ||
For future release | |||
GET /auth/teams | Gets details of all teams. | ||
GetTeamLdapGroupsMapping | For future release | ||
SetTeamLdapGroupsMapping | For future release | ||
Data Retention | ExecuteDataRetention | POST /sast/dataRetention/byDateRangeCxSAST (REST) API v1.1 | Define data retention global settings by date range. Parameters include – startDate, endDate and durationLimitInHours. |
POST /sast/dataRetention/byNumberOfScansCxSAST (REST) API v1.1 | Define data retention global settings by number of scans. Parameters include – numOfSuccessfulScansToPreserve and durationLimitInHours. | ||
StopDataRetention | POST /sast/dataRetention/stopCxSAST (REST) API v1.1 | Stops global data retention. | |
POST /projects/{Id}/dataRetentionSettingsCxSAST (REST) API v1 | Set specific project’s data retention settings. Parameters include – scansToKeep. |