SAST Scan Metadata API
Overview
These APIs get detailed information about how a scan was run.
Scan Metadata URL
The URL for Scan Metadata Endpoints is <base_url>/api/sast-metadata
Swagger
To view these APIs in the Swagger UI and run sample API calls, go to <base_url>/spec/v1/ and select Sast Metadata in the definition field.
Authentication
Authentication for all Checkmarx One endpoints is done using JWT (JSON Web Token) access token. Access tokens are generated using the Authentication API.
Endpoints Summary
The following is a list of Checkmarx One APIs that relate to SAST Metadata:
API | Method | Endpoint | Description |
|---|---|---|---|
GET Scan Metadata | GET | /api/sast-metadata/ | Get metadata for one or more scans. |
GET (Specific) Scan Metadata | GET | /api/sast-metadata/{scan-id} | Get metadata for a specific scan. |
GET (Specific) Scan Metadata Metrics | GET | /api/sast-metadata/{scan-id}/metrics | Get the scanner metrics for a specific scan. |
Workflow
Use
POST /api/scansto run a scan.Use the “scan id” with
GET /api/sast-metadatato get the metadata of that scan. You can include more than one scan id in your request.
GET Scan Metadata
Gets metadata about scans that ran in your account.
Media Type (header)
Authorization: Bearer <access_token>
Accept: application/json
Curl Sample
curl -X GET "https://ast.checkmarx.net/api/sast-metadata/?scan-ids=7de10fd2-5da7-49a4-b183-f3cfc1ff1859&scan-ids=3fa85f64-5717-4562-b3fc-2c963f66afa6" -H "accept: application/json"
Parameters
Path Parameters - None
Query Parameters - Required:
Parameter | Type | Description |
|---|---|---|
scan-ids | string | The unique identifier of the scan for which you would like to retrieve metadata. You can include more than one scan id in your request. |
Success Response
Code: 200 OK
Attributes:
Attribute | Type | Enums | Description |
|---|---|---|---|
totalCount | integer | - | The total number of scans for which metadata was retrieved. |
scans[ ] | The metadata of the scan. | ||
scans/scanId | string | - | The unique identifier of the scan for which metadata was retrieved. |
scans/projectId | string | - | The unique identifier of the Project for which the scan was run. |
scans/loc | integer | - | The number of lines of code in the source code of the Project. |
scans/fileCount | integer | - | The number of files in the Project. |
scans/isIncremental | boolean |
| Indicates whether the scan was incremental or full. |
scans/isIncrementalCanceled | boolean |
| Indicates whether a scan initiated as incremental, completed as incremental or was switched to a full scan. |
scans/incrementalCancelReason | string |
| The reason a scan which was initiated as incremental was switched to a full scan. |
scans/baseId | string | - | The last full scan id of this Project against which the current incremental scan is compared. |
scans/queryPreset | string |
| The set of queries run in the scan. |
Sample Success Response:
{
"totalCount": 3,
"scans": [
{
"scanId": "8caa3529-656b-477c-8137-9fab068ca3fb",
"projectId": "c667a1a9-db4a-451e-8b3f-22673afe9b58",
"loc": 0,
"fileCount": 732,
"isIncremental": true,
"isIncrementalCanceled": false,
"baseId": "313f75b1-c225-4bb4-ae9d-7d19aa78a38b",
"queryPreset": "Checkmarx Default"
},
{
"scanId": "f0281580-2510-4e0c-9a28-cade34c6bf1b",
"projectId": "68ea5649-1896-4fca-a73f-e535bd457634",
"loc": 16,
"fileCount": 2,
"isIncremental": false,
"isIncrementalCanceled": true,
"incrementalCancelReason": "No base scan found",
"queryPreset": "Checkmarx Default"
},
{
"scanId": "a1c92401-8ddb-4760-88e2-198b9464593f",
"projectId": "840bbc77-0f94-494d-878b-052c066f6ea4",
"loc": 4967,
"fileCount": 34,
"isIncremental": false,
"isIncrementalCanceled": false,
"queryPreset": "Checkmarx Default"
}
]
}