Skip to main content

Checkmarx One API - Uploads

You can use the Scan Upload API to upload a zip archive to a preconfigured storage location. You will then be able to run a scan on the source code contained in the zip archive.


If you are scanning the source code directly from a Git repo, then this procedure is not needed. Use POST /scan to run a scan on the source code in the repo.

The base URLs, depending on your environment, are:


  1. Use POST /api/uploads to generate an upload link.

  2. Use PUT /{uploadLink} , specifying the path to your ZIP file, to upload your file.

  3. Use POST /api/scans , specifying the Project ID and upload link, to scan the ZIP file.

  4. Use GET /api/scans/{scanId} to check the status of the scan.

  5. View the results using GET /api/results, specifying the Scan ID. Alternatively, you can view the results in the Checkmarx One web portal (UI), see Scan Results.

The following is a list of Checkmarx One APIs that relate to Uploads:





Generate Upload Link



Generate a pre-signed upload URL to be used for scanning a zip archive.

This returns an upload link which is used in PUT Upload Source and POST Scan.

Upload Source



Upload the zip file to Checkmarx One.

The Path parameter is the link you generated using POST Generate Upload Link.

The Body parameter is the path to the zip archive on your local machine.