Skip to main content

Logging on to the CLI

The following methods are available for authentication and login to the CLI:

  • Credential-based authentication – The client provides login credentials. The credentials provided by the client are compared to those of the resource, for example in the database or the authentication server. If the credentials match, the client is granted authorization to access.

  • Token-based authentication (v9.5) : The resource owner provides the client with credentials. Using the provided credentials, the client requests an access token from the resource. The credentials provided by the client are compared to those of the resource. If the credentials match, the resource issues an access token to the client, and the client uses this access token to log in.

Notice

You can only use one authentication method, either credential-based or token-based.

Syntax

The following sections list the syntax for the authentication.

Credential-based Authentication

The syntax for the credential based authentication:

runCxConsole.cmd Scan -v -ProjectName "CxServer/bookname j2" -CxServer http://localhost -CxUser username -CxPassword admin -LocationType folder -LocationPath "C:\Data\Projects\Java\bs java" -preset "Checkmarx Default" 

Token-based Authentication

Requesting an access token from the resource:

runCxConsole.cmd GenerateToken -v -CxUser username -CxPassword admin -CxServer http://localhost

Using the access token to login:

runCxConsole.cmd Scan -v -Projectname "CxServer/bookname j2" -CxServer http://localhost -CxToken <token> -LocationType folder -LocationPath " C:\Data\Projects\Java\bs java " -preset "Checkmarx Default"

Revoke the access token:

runCxConsole.cmd RevokeToken -v -CxToken <token> -CxServer http://localhost

Notice

  • There is no limit to the tokens a client can generate for its users. All tokens can be used in the CLI.

  • The lifetime of tokens is not limited. Therefore, they do not expire.

  • There is currently no way to view a list of all generated tokens.

  • Each token can be revoked manually. There is no option for revoking all tokens at once.

  • In some instances, when removing a specific user token, all of that user's tokens may be revoked.