Skip to main content

Checkmarx One Azure DevOps Plugin Initial Setup

Before running Checkmarx One scans from an Azure pipeline, you need to set up a service connection for accessing your Checkmarx One environment.

In order to create the service connection you need to authenticate with your Checkmarx One account. This can be done using either an Oauth Client or an API Key.

To create a service connection:

  1. In the Azure console, click on project settings > service connections.

  2. Click New service connection at the top right of the screen.

  3. In the New service connection pane, select the radio button next to Checkmarx One Service Connection and then click Next.

    The service connection setup form is displayed.

  4. Under Authentication method, select the radio button for the authentication method you would like to use. Options are: Client ID & Secret or API Key.

    Depending on your selection, the relevant authentication fields are displayed.

  5. For OAuth Client authentication, fill in the following info:

    1. Fill in the Server URL with the appropriate URL for your environment.

    2. If the authentication URL is different than the server URL, then enter the appropriate Checkmarx One Authentication URL.


      For Checkmarx One cloud platform, this is required.

    3. Enter the OAuth Client ID and Secret that you created in Checkmarx One. To create an OAuth Client, see Creating an OAuth Client for Checkmarx One Integrations.

  6. For API Key authentication, fill in the following info:

    1. Fill in the Server URL with the appropriate URL for your environment.

    2. Enter your API Key. To generate an API Key, see Generating an API Key.

  7. In the Details section, in the Service connection name field, enter a descriptive name for the connection (e.g., Checkmarx One Connection).

  8. You can optionally enter a brief Description of the connection.

  9. In the Security section, if you want to grant access for all pipelines, verify that the “Grant access permission to all pipelines” checkbox is selected (default). If you deselect this checkbox then you will need to manually grant permission for each pipeline for which you would like to use this connection.

  10. Click Save.

    The Service connection is created and is listed on the Service connections screen.