Skip to main content

CxOSA Application Settings

This section provides information about the following:

CxOSA Application Setting

Application settings are currently dependent on CxSAST and can be configured as part of the CxSAST applications settings (such as Server and SMTP Settings). For more information about CxOSA-specific settings, refer to the relevant pages in this section.

OSA Settings

Click Settings > Application Settings > select CxOSA Settings. The CxOSA settings screen enables you to set the CxOSA settings for the system.


In order to start working with CxOSA settings, you first need to accept the End User License Agreement (EULA). Click the View EULA button, read and accept the agreement.

  • Organization Token - Displays the organization token provided by Checkmarx (read-only).The CxOSA settings fields are enabled automatically and include the following settings:

  • OSA Scan Options:

    o Standard Scan – This option analyses open source identifiers (e.g., file name, group Id and Artifact ID) providing better accuracy, but less confidentiality (Default for new installations).

    o Restricted Scan – This option analyses open source fingerprints only, providing better security, but less accuracy (Default for upgrades on existing installations).

Correlate CxOSA with CxSAST results

For this version only .NET and Java are supported.

Click Test Connection to perform a health check for connection validation.


This connection validation test checks the following CxOSA components:



Connect to CxProxy

The configured CxOSA cloud URL is reachable. For example:

Connect to Engine

CxOSA was able to perform a cloud REST API call successfully

Validate Organizational Token

The Organization Token is valid and can be used to scan

Connect to CxOSA Services

CxOSA was able to connect to the scan services on the server (Scan Manager & Jobs Manager)

Each tested component will indicate either successful or failed validation/connection.

CxOSA License Details

Click Management > Application Settings > select License Details. The License Details screen enables you to view CxOSA license details for the system. The General panel provides license information for CxSAST and CxOSA.


The General panel includes the following information:

  • Edition - License type (SDLC or Security Gate)

  • Expiration Date - License expiry date

  • LOC - The number of lines of code included in the license (CxSAST only)

  • HID - Hardware identification number

  • CxOSA License - CxOSA license status; Enabled, Disabled or Conditional (with expiration date for Conditional version).


You can copy the hardware ID (HID), for which you will need in order to obtain a license from Checkmarx. You can also obtain your hardware ID by using the shortcut in the Windows/Start > Checkmarx > HID (HardwareId).