Generating an API Key
You can generate an API Key by logging in to Checkmarx One and generating a new API Key, as described below. Alternatively, an API Key can be generated using the Authentication API.
The roles (permissions) assigned to an API Key are inherited from the user who is logged in when the API key is generated. Therefore, make sure that you are logged in to an account with the appropriate permissions. The minimum required roles for running an end-to-end flow of scanning a project and viewing results are the out-of-the-box composite role ast-scanner as well as the IAM role default-roles. See Managing Roles
Warning
Whenever you update your Checkmarx One license (e.g., adding a new scanner) all existing API Keys become invalid. You will need to generate new API Keys to replace those that are used in your integrations and plugins.
 |
GIF - How to generate an API Key
To Log in to Checkmarx One:
Open the URL for your environment.
Log in to your Checkmarx One account by entering your Tenant Account, Username and Password.
Notice
The roles (permissions) assigned to the API Key are inherited from the user account that generates the key. Therefore, make sure that you are logged in to an account with the appropriate.
To generate an API Key via Checkmarx One:
Log in to the Checkmarx One web portal and select
Identity and Access Management in the main navigation.The IAM portal opens.
In the main navigation, click API Keys, then click on the Create Key button.
A new key is created with the permissions of the current user assigned to it.
Copy the key and save it in a place where you will be able to retrieve it for future use.
Notice
Once you close the window, you will no longer be able to access this API Key.
Notice
You can obtain a curl for submitting the request for an access token, by clicking on Show details and copying the content.