Skip to main content

auth

The auth command is used for performing the following actions:

  • register a new OAuth Clients to Checkmarx One user management.

  • validate the OAuth Clients against Checkmarx One.

Authentication Commands

auth can be used with the following commands:

auth register

The auth register command is used for performing the following actions:

  1. Create a new OAuth client in the User Management server from the CLI instead of the User Interface.

    Notice

    To create OAuth clients from the User Interface, refer to the User Management and Access Control documentation.

  2. Authenticate an OAuth client against the User Management server in Checkmarx One.

Requirements

  • In order to create a new OAuth client in the User Management server the following is mandatory:

    • The user must be created via User Management interface.

    • The user must be assigned with iam-admin role.

  • In order to authenticate a client against the User Management server the following is mandatory:

    • The user must have one of the following:

      • Client ID and Secret.

        Notice

        It is possible to retrieve the Client ID and Secret for a specific user using the CLI.

      • API Key.

Usage

./cx auth register [flags]

Flags

Glossary
--base-uri <string>

Host URL for Checkmarx One server.

--description <string>, -d <string>

A client description.

--help, -h

Help for the register command.

--password <string>, -p <string>

Password for Checkmarx One user that privileges to create clients.

--roles <string>, -r <string>

A list of roles of the client [ast-admin ast-scanner]

--username <string>, -u <string>

Username for Checkmarx One user that privileges to create clients.

Examples

Access Key and Secret Authentication
./cx auth register -u <Username> -p <Password> -r <Roles> --base-uri <AST URI>
Create a client in the CLI
user@laptop:/ast$ ./cx auth register -u myuser -p mypassword -r ast-admin,ast-scanner --base-uri https://iam.checkmarx.net/
CX_CLIENT_ID=<generated_client_id>
CX_CLIENT_SECRET=<generated_client_secret>

Note

Settin the CX_BASE_URI as an environment variable will save the user typing the --base-uri value.

For more information regarding environment variables see Checkmarx One CLI Configuration / Environment Variables

Configure the Client ID and Secret in the default profile
# Configure the Client ID and Client secret
./cx configure
Checkmarx One Base URI [https://ast.checkmarx.net/]:https://ast.checkmarx.net/
Checkmarx One Base Auth URI [https://iam.checkmarx.net/]: https://iam.checkmarx.net/
Checkmarx One Tenant [organization]: mytenant
Do you want to use API Key authentication? (Y/N): n
Checkmarx One Client ID []: <generated_client_id>
Client Secret []: <generated_client_secret>

auth validate

The auth validate command is used for validating a client authentication against Checkmarx One.

Usage

./cx auth validate [flags]

Flags

Glossary
--help, -h

Help for the validate command.

Examples

Validating Client Authentication
./cx auth validate
ophir@OphirS-Laptop:~/ast-cli$ ./cx auth validate
Successfully authenticated to Checkmarx One server!