Skip to main content

Uploads API


A comprehensive Checkmarx One API Reference Guide is now available here.


You can use the Scan Upload API to upload a zip archive to a preconfigured storage location. You will then be able to run a scan on the source code contained in the zip archive.


If you are scanning the source code directly from a Git repo, then this procedure is not needed. Use POST /scan to run a scan on the source code in the repo.

Uploads URL

The URL for Projects endpoints is <base_url>/api/uploads


  1. Use POST /api/uploads to generate an upload link.

  2. Use PUT /{uploadLink} , specifying the path to your ZIP file, to upload your file.

  3. Use POST /api/scans , specifying the Project ID and upload link, to scan the ZIP file.

  4. Use GET /api/scans/{scanId} to check the status of the scan.

  5. View the results using GET /api/results, specifying the Scan ID. Alternatively, you can view the results in the Checkmarx One web portal (UI), see Scan Results.

Uploads Endpoints Summary

The following is a list of Checkmarx One APIs that relate to Uploads:





Generate Upload Link



Generate a pre-signed upload URL to be used for scanning a zip archive.

This returns an upload link which is used in PUT Upload Source and POST Scan.

Upload Source



Upload the zip file to Checkmarx One.

The Path parameter is the link you generated using POST Generate Upload Link.

The Body parameter is the path to the zip archive on your local machine.