Skip to main content

Access Control (REST) APIs for Checkmarx SCA

Checkmarx SCA access control is managed by a separate service, Checkmarx Access Control, which is shared with other Checkmarx products.

Checkmarx Access Control is a user management solution for user administration. The Access Control (REST) APIs provide the ability to manage all user/team management and access control setting tasks. The following data can be consumed through the Access Control (REST) API; Assignable Users, Authentication Providers, LDAP Role Mapping, LDAP Servers, LDAP Team Mapping, OIDC Clients, Permissions, Roles, SAML Identity Provider, SAML Service Provider, Service Provider, SMTP Settings, System Locales, Team Members, Teams, Token Signing Certificates, Users and Windows Domains. For a complete list of the Access Control (REST) APIs, refer to the Access Control (REST) API Summary.

Base URL

The following is the base URL for scan endpoints, depending on your environment:

  • US Environment -

  • EU Environment -


Authentication for using the Access Control APIs is done through an API Token. The token is generated in the same way as for other Checkmarx SCA APIs, as explained in Checkmarx SCA (REST) API - POST Token. The only difference being, the need to add access_control_api to the scope attribute.