- Checkmarx Documentation
- Checkmarx SAST
- SAST API Guide
- CxSAST (SOAP) API
- Mapping SOAP to REST
Mapping SOAP to REST
This section is designed to be used as a basic summary of SOAP to REST API mapping. SOAP APIs are grouped according to their product area and each API has a direct link to the relevant API documentation. Mapping for each SOAP API and it's related REST API is also indicated. Additional information is also provided. It is also highly important to see, New REST APIs and Authentication Methods – Upgrade Implications.
Group | SOAP API | REST API | Additional Information |
---|---|---|---|
Login | POST /auth/login | SOAP cookie-based login replaced with a REST Token: Token-based Authentication / Login using OAuth 2.0. | |
Logout LoginWithToken SsoLogin | See above | See above | |
Projects | IsValidProjectName | Replaced with GET /projects. | |
Get details of all projects. | |||
Get details of a specific project. | |||
Get details of all presets. | |||
UpdateProjectConfiguration | Update specific project’s details. Parameters include - name, owningTeam and customFields (Id and value). | ||
Get details of all custom fields. | |||
Define specific project’s scan settings. Parameters include - presetId, engineConfigurationId, postScanActionId and emailNotifications (beforescan, failedScans, afterScans). | |||
Set a specific project's exclude folders/files settings. Parameters include - excludeFoldersPattern and excludeFilesPattern. | |||
Define specific project’s scan scheduling settings. Parameters include -scheduleType and scheduleDays. | |||
Set a specific project’s Jira issue tracking system settings. Parameters include - issueTrackingSystemId, jiraProjectId, issueType, field Ids and values. | |||
Set a specific project’s data retention settings. Parameters include - scansToKeep. | |||
Get details of all engine configurations. | |||
DELETE /projects/project{Id}CxSAST (REST) API v2.1 | Delete a specific project. Parameters include - deleteRunningScans (true/false). | ||
Create a specific project’s branch. Parameters include - name. | |||
Get all scans for a specific project. | |||
Gets details of all projects. Returns wide-ranging project information - owning team, latest scan, all project scans, scan settings and custom fields. | |||
Get details of all custom fields. | |||
Update an existing project’s details. Parameters include – name, owningTeam and customFields (id and value). | |||
Scans | Define a specific project’s scan settings. Parameters include - presetId, engineConfigurationId, postScanActionId and emailNotifications (beforescan, failedScans, afterScans). | ||
Upload a specific project’s zip file (contains the source code for scanning). Parameters include - zippedSource. | |||
Set a specific project’s remote source settings for GIT. Parameters include - url, branch and privateKey. | |||
Get a specific project’s remote source settings for GIT. | |||
Set a specific project’s remote source settings for GIT using SSH. Parameters include - url, branch and privateKey. | |||
Set a specific project’s remote source settings for SVN. Parameters include - url, absoluteUrl, port, paths and credentials (username, password and privateKey). | |||
Get a specific project’s remote source settings for SVN. | |||
Set a specific project’s remote source settings for SVN using SSH. Parameters include - absoluteUrl, port, paths and privateKey. | |||
Set a specific project’s remote source settings for TFS. Parameters include - credentials (username and password), url, absoluteUrl, port and paths. | |||
Get a specific project’s remote source settings for TFS. | |||
Set a specific project’s remote source settings for Perforce. Parameters include - credentials (username and password), url, absoluteUrl, port, paths and browseMode. | |||
Get a specific project’s remote source settings for Perforce. | |||
Set a specific project’s remote source settings for a shared repository. Parameters include – paths and credentials (username and password). | |||
GET /projects/{Id}/sourceCode/remoteSettings/sharedCxSAST (REST) API v1 | Get a specific project’s remote source settings for a shared repository. | ||
POST /projects/{Id}/sourceCode/remoteSettings/customCxSAST (REST) API v1 | Set a specific project’s remote source settings for a custom repository (e.g., source pulling). Parameters include – paths and credentials (username and password). | ||
GET /projects/{Id}/sourceCode/remoteSettings/customCxSAST (REST) API v1 | Get a specific project’s remote source settings for a custom repository (e.g., source pulling). Parameters include – paths, preScanCommandId and credentials (username and password). | ||
POST /sast/scansCxSAST (REST) API v1 | Create a new scan and assign it to a specific project. Parameters include – isIncremental, isPublic, forceScan and comment. | ||
Delete a specific scan. | |||
Cancel a specific scan while still in the queue. Parameters include - status (cancelled). | |||
Define a specific project’s scan settings. Parameters include - presetId, engineConfigurationId, postScanActionId and emailNotifications (beforescan, failedScans, afterScans). | |||
Add a comment to a specific scan. Parameters include - comment. | |||
ScanWithOriginName | POST /sast/scansCxSAST (REST) API v1 | Custom name added to CxOrigin in the POST /sast/scans header.CxSAST (REST) API v1 | |
ScanWithScheduling | Merged with ScanWithSchedulingWithCron. | ||
Define specific project’s scan scheduling settings. Parameters include - scheduleType and scheduleDays. | |||
Get details of a specific scan. Returns status and stage of the scan. | |||
Get a specific project’s scan settings. Returns preset and engine configuration of the scan. | |||
Get details of all scans in the scans queue. Returns wide-ranging scan information (e.g., stageDetails, engineId, languages, teamId, loc, origin, queuePosition, isIncremental, isPublic, origin, creation date, etc..). | |||
GET sast/scans?scanStatus={status}CxSAST (REST) API v1 | Get all scans with a specific scan status (Scanning, Finished, Canceled or Failed). | ||
GET /sast/scans?last={numberOfLastScans}CxSAST (REST) API v1 | Get all scans according to number of last scans. | ||
Get all scans. | |||
Get details of a specific scan in the scans queue. | |||
GetScanSummary | Get all scans. Enhanced API with detailed scan information similar to SOAP. | ||
GetScansDisplayDataForAllProjects | Get all scans. Enhanced API with detailed scan information similar to SOAP. Get the last scan of a project. | ||
Get statistic results for a specific scan. Returns summary of results (by severity). Result is also available as a link in the GET /sast/scans resource. | |||
Get /sast/scans?projectId={projectId}&Last={number}CxSAST (REST) API v1 | Get the last scan of a specific project. | ||
Scan Reports | Generate a new scan report. | ||
Get the status of a generated report. | |||
Get the specific report once generated. | |||
Managing Users | For future release | ||
For future release | |||
GET /auth/teams | Gets details of all teams. | ||
GetTeamLdapGroupsMapping | For future release | ||
SetTeamLdapGroupsMapping | For future release | ||
Data Retention | ExecuteDataRetention | Define data retention global settings by date range. Parameters include – startDate, endDate and durationLimitInHours. | |
Define data retention global settings by number of scans. Parameters include – numOfSuccessfulScansToPreserve and durationLimitInHours. | |||
StopDataRetention | Stops global data retention. | ||
Set specific project’s data retention settings. Parameters include – scansToKeep. |