Skip to main content

Accessing the Access Control Web Interface (v2.0 and up)

Access Control User Administrator Login


For upgrade installations, existing users can login using their former credentials.

Upon a successful, first-time installation of Access Control, first you will be required to create an Administrator user account. The Admin user, who will be a member of the CxServer Team (the top level in the hierarchy) will have complete permissions for managing all applicable users, roles, teams, server settings, and projects.

To access the Access Control Administrator user login:

Point your browser to http://<SAST server>:<port> where the Access Control port is as defined in the installation, or can be located in the log: <protocol>://<machine>/CxRestAPI/authTest/, e.g., https://localhost/CxRestAPI/authTest/.


Enter the required Administrator user account information:



First & Last Name

Full name for the Administrator user


User name for the Administrator user as defined for sign-in


Email address for the Administrator user


Unique password as defined for the Administrator user sign-in.

The same password must be retyped to confirm.

Click Register. You will now be taken directly to the Checkmarx Login.

Checkmarx Login

The Login page enables signing in to Access Control by:

  • Application (Application User) – A user account created and managed only in the Checkmarx product.

  • Directory User – A user accessing the Checkmarx product, being managed by the LDAP or domain server.

  • SAML SSO – A user with SAML configured will see one button (per SAML instance) to sign in with SAML SSO.

  • Windows SSO – If the server has LDAP SSO configured, a sign-in option for using Windows SSO is provided.




User name

User name, as defined for Administrator user login


Unique password, as defined for the user login.

Same password must be retyped to confirm.

Sign in method

Select a sign in method: Application, the name of any configured LDAP/SAML/domain server(s)


After selecting the sign in method, click Login.

Windows SSO

If the server has LDAP SSO configured, you can login using Windows Single-Sign-On (no user name / password needed).


If SAML is configured, you can login using SAML Single-Sign-On (no user name / password needed). For details on SAML SSO configuration, see here.

Once the Checkmarx Login window is displayed, enter the user login credentials and select a sign in method, then click Login (or sign in using Windows SSO or SAML SSO).

Forgot Password

[For Application users only]: If you forgot your password, simply click Forgot Password on the login screen and Access Control will send you an email with a link to reset your password. This link is valid for 24 hours. If the time frame has expired to reset your password, click Forget Password once again to repeat the process.



  • The ‘Forgot Password’ option is only relevant if an SMTP server is already configured in the system, as an email with a ‘reset password’ link will be sent to the registered account.

  • Users without valid emails configured in the system should have a user with User Manager permissions reset the password for them.