Skip to main content

Checkmarx One Azure DevOps Plugin Initial Setup

Before running Checkmarx One scans from an Azure pipeline, you need to set up a service connection for accessing your Checkmarx One environment.

In order to create the service connection you need to have the Client ID and Client Secret for an OAuth2 Client in Checkmarx One, see Creating an OAuth2 Client for Checkmarx One Integrations.

To create a service connection:

  1. In the Azure console, click on project settings > service connections.

  2. Click New service connection at the top right of the screen.

  3. In the New service connection pane, select the radio button next to Checkmarx One Service Connection and then click Next.

    The service connection setup form is displayed.

  4. Fill in the Server URL with the appropriate URL for your environment.

  5. If the authentication URL is different than the server URL, then enter the appropriate authentication URL.


    For Checkmarx One cloud platform, this is required.

  6. Enter the OAuth2 Client ID and Secret that you created in Checkmarx One.


    If you need to create an OAuth2 client, see Creating an OAuth2 Client for Checkmarx One Integrations.

  7. In the Details section, it is recommended to give the connection a descriptive name (e.g., Checkmarx One Connection) and add a brief description. (optional)

  8. In the Security section, if you want to grant access for all pipelines, verify that the “Grant access permission to all pipelines” checkbox is selected (default). If you deselect this checkbox then you will need to manually grant permission for each pipeline for which you would like to use this connection.

  9. Click Save.

    The Service connection is created and is listed on the Service connections screen.