Skip to main content

Configuring Global Integration Settings for Checkmarx One TeamCity Plugin

The global settings are used as the default configuration for your Checkmarx projects. They can be overridden by specifying different settings for individual projects.

In order to configure the global settings you need to have the Client ID and Client Secret for an OAuth Client in Checkmarx One, see Creating an OAuth Client for Checkmarx One Integrations.


Configuring global settings is recommended best practice, although it isn’t required. Alternatively, it is possible to configure all of the settings within the build step for each project.

To configure the global settings for Checkmarx One:

  1. In the main navigation, go to the TeamCity header bar and select Administration. Then in the Administration menu, under Integrations select Checkmarx AST Scan.

    The Checkmarx One Scan configuration settings are shown.

  2. Fill in the Checkmarx One Server URL with the appropriate URL for your environment.

  3. If the authentication URL is different from the server URL, then in the Checkmarx One Authentication Server URL enter the appropriate authentication URL.


    For Checkmarx One cloud platform, enter the URL for your environment.

  4. For Tenant, enter the name of your Checkmarx One tenant account.

  5. In the OAuth Client Id and Secret fields, enter your Checkmarx One OAuth Client Id and Secret.


    If you need to create an OAuth client, see Creating an OAuth Client for Checkmarx One Integrations.

  6. In the Additional Parameters section, you can specify any CLI arguments that you would like to apply to scans of this project. See documentation here.


    By default, all scanners that you are authorized to run (licensed or open source) will run. To limit scans to one or more specific scanners, add the argument --scan-types {scanner} , where {scanner} is one or more of the following scanners sast, sca or kics.

  7. Click Save at the bottom of the screen.