Skip to main content

Generating a Refresh Token (API Key)

If you have user credentials for Checkmarx One, you can obtain a refresh token (API Key) from the Authentication API using your account’s username and password. Alternatively, you can log in to Checkmarx One and generate a refresh key (API Key).

Figure 1. 

GIF - How to generate an API Key

To generate a refresh token via Checkmarx One:

  1. Log in to the Checkmarx One web portal and select Identity_and_Access_MGMT.png User Management in the main navigation.

    The IAM portal opens.

  2. Click API Keys in the main navigation.

  3. Click Create Key.


    A new key is created with the permissions of the current user assigned to it, and a dialog opens showing the API Key.

  4. If you would like to get the curl request for generating an Access Key (i.e., a bearer token to be submitted with the API calls), click on Show details to expand the display.

  5. Copy the API Key and/or the curl and save them in a place where you will be able to retrieve them for future use. Then, click OK to close the dialog.