Skip to main content

Checkmarx One CLI Quick Start Guide


The legacy CLI (v1) only configures and initiates a SAST, SCA and OSA scans.

The Checkmarx One CLI (v2) is a Command Line Interface that acts as a wrapper and enables the ability to perform all tasks that are normally done via the REST APIs.

There are specific executables for the main use cases in order to perform the following:

  • create/delete/get/set projects

  • create/delete/get/set scans for all of our engines

  • get results

The latest CLI is also in a container, in case the user wants to deploy and use it in that way: checkmarx/ast-cli



Download the latest release from:

Quick Start

Create Client

Get an API key from the Checkmarx One server by clicking on Identity and Access Management and API Keys


Create a Key and copy it to your clipboard



Once you close this dialog, you can’t access it again and will have to create another key.

Command Line

$ ./cx.exe configure
Setup guide:

Checkmarx One Base URI []:
Checkmarx One Base Auth URI (IAM) []:
Checkmarx One Tenant [organization]: mytenantname
Do you want to use API Key authentication? (Y/N): Y
Checkmarx One API Key []: <paste api key>

$ ./cx.exe scan create --project-name demotest -s --sast-preset-name "High and Medium" --file-filter "!test/" --branch "main"

Scan ID    : 46996ef8-729b-4eff-b0ef-658346caae2a
Project ID : 9c7c3a2f-8126-484b-b1f6-7f24ccbecb4b
Status     : Running
Created at : 09-20-21
Tags       : []
Initiator  : org_admin
Origin     : ASTCLI 2.0.0-rc.23

wait for scan to complete 46996ef8-729b-4eff-b0ef-658346caae2a Running