Generating a Refresh Token (API Key)
If you have user credentials for Checkmarx One, you can obtain a refresh token (API Key) from the Authentication API using your account’s username and password. Alternatively, you can log in to Checkmarx One and generate a refresh key (API Key).
![]() |
GIF - How to generate an API Key
To generate a refresh token via Checkmarx One:
Log in to the Checkmarx One web portal and select
User Management in the main navigation.
The IAM portal opens.
Click API Keys in the main navigation.
Click Create Key.
A new key is created with the permissions of the current user assigned to it, and a dialog opens showing the API Key.
If you would like to get the curl request for generating an Access Key (i.e., a bearer token to be submitted with the API calls), click on Show details to expand the display.
Copy the API Key and/or the curl and save them in a place where you will be able to retrieve them for future use. Then, click OK to close the dialog.