Checkmarx SCA (REST) API - Scan Upload
You can use the Scan Upload APIs to run a scan of a Project by uploading a zip file or by referring to its GitHub URL.
Notice
Before you can start running scans via API, you need to create your Project. If you haven’t yet set up a Project for the source code that you would like to scan, then first create the Project as described in Checkmarx SCA (REST) API - POST Project.
Alternatively, you can create the Project in the Checkmarx SCA web portal, see Creating a Project - Project Types.
Notice
The scanning procedure is identical whether this is the initial scan after creating the Project or whether you are rescanning a Project that has already been scanned.
The following base URLs are used for all calls, depending on your environment:
US Environment - https://api-sca.checkmarx.net
EU Environment - https://eu.api-sca.checkmarx.net
Workflow
Notice
You need to have the Project ID of the project that you would like to scan in order to run the Scan Upload API. See Checkmarx SCA (REST) API - Projects.
To scan a zip file
1. Use POST /api/uploads to generate an upload link.
2. Use PUT {upload_url}, specifying the path to your ZIP file, to upload your file.
3. Use POST /api/scans, specifying the Project ID and upload link, to scan the ZIP file.
4. Use GET /api/scans/{scanId} to check the status of the scan.
5. View the results using the Scan Reports API. Alternatively, you can view the results in the Checkmarx SCA web browser (UI), see Viewing Results.
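The ZIP workflow above as one function. This is an added example, not Checkmarx code. It assumes bearer-token authentication, the JSON field names (url, scanId, status), the status strings, and the shape of the POST /api/scans body; none of these are stated on this page, so check them against the individual endpoint references. The send argument is a hypothetical injected transport, so the sequence can be exercised offline.

```python
import json
import time
from urllib.parse import urlsplit

BASE_URL = "https://api-sca.checkmarx.net"  # US base URL, from the page
# ASSUMED (not stated on the page): JSON field names and status strings.
F_UPLOAD_URL, F_SCAN_ID, F_STATUS = "url", "scanId", "status"
TERMINAL_STATUSES = {"Done", "Failed"}


def _headers(url, token):
    """Send the bearer token (assumed auth scheme) only to the API host, over HTTPS."""
    parts, api = urlsplit(url), urlsplit(BASE_URL)
    if parts.scheme != "https":
        raise ValueError("refusing non-HTTPS URL")
    return {"Authorization": "Bearer " + token} if parts.netloc == api.netloc else {}


def _call(send, method, url, token, body=None, raw=False):
    """send(method, url, headers, body_bytes) -> (status_code, body_bytes)."""
    headers = _headers(url, token)
    if body is not None and not raw:
        body = json.dumps(body).encode()
        headers["Content-Type"] = "application/json"
    code, payload = send(method, url, headers, body)
    if not 200 <= code < 300:
        # Drop the query string so a signed upload link never lands in logs.
        raise RuntimeError("%s %s returned HTTP %d" % (method, url.split("?")[0], code))
    return json.loads(payload) if payload and not raw else {}


def scan_zip(send, project_id, zip_bytes, token, max_polls=60, delay=5.0, sleep=time.sleep):
    """Run steps 1-4 and return (scan_id, final_status)."""
    # 1. POST /api/uploads -> upload link
    upload_url = _call(send, "POST", BASE_URL + "/api/uploads", token)[F_UPLOAD_URL]
    # 2. PUT {upload_url} with the ZIP content as the request body
    _call(send, "PUT", upload_url, token, zip_bytes, raw=True)
    # 3. POST /api/scans with the Project ID and upload link (body shape ASSUMED)
    req = {"project": {"id": project_id, "type": "upload",
                       "handler": {"uploadUrl": upload_url}}}
    scan_id = _call(send, "POST", BASE_URL + "/api/scans", token, req)[F_SCAN_ID]
    # 4. GET /api/scans/{scanId} until a terminal status, with a bounded poll count
    for _ in range(max_polls):
        status = _call(send, "GET", BASE_URL + "/api/scans/" + scan_id, token).get(F_STATUS)
        if status in TERMINAL_STATUSES:
            return scan_id, status
        sleep(delay)
    raise TimeoutError("scan %s not finished after %d polls" % (scan_id, max_polls))
```

In a pipeline, treat a final status other than the success value as a failed build step rather than proceeding to the report stage.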
To scan from GitHub repo
1. Use POST /api/scans (along with the Project ID and GitHub URL) to scan the Project.
2. Use GET /api/scans/{scanId} to check the status of the scan.
3. View the results using the Scan Reports API. Alternatively, you can view the results in the Checkmarx SCA web browser (UI), see Viewing Results.
Scan Upload APIs
The following is a list of the Checkmarx SCA APIs that relate to Scan Upload:
Notice
If a GitHub URL is being scanned (as opposed to a zip file), then the only API needed is POST Scan.
Method | Endpoint | Description |
---|---|---|
POST | /api/uploads | Generate an upload link for scanning a ZIP file. This returns an Upload Link which is used in PUT Upload Link and POST Scan. |
PUT | {upload_url} | Upload the ZIP file to Checkmarx SCA. The URL is the URL that you generated using POST Generate Upload Link. The Body parameter is the path to the zip file on your local machine. |
POST | /api/scans | Scan the previously uploaded ZIP file (or the GitHub URL). The user specifies the Project ID and includes the previously generated Upload Link (or the GitHub file URL). The response returns a Scan ID which you can use with Risk Reports to view results. |