Semgrep
Semgrep is a Security input connector. Connect to your Semgrep API to start collecting vulnerability data. Create a Semgrep API token with the Web UI permissions before connecting.
IP Allowlists
You might need to add the Monad IP range of 34.210.32.104/32 to your Semgrep allowlist, so Monad can connect to it.
Create a Semgrep API token
Before you connect Monad to Semgrep, you need an API token. API tokens are scoped to include all projects from a specific account in Semgrep.
Please make sure that your account is on Semgrep Code Team tier to have access to the API endpoints.
To generate a new Semgrep API token,
- Log in to Semgrep, and check the top left corner to confirm which account you are using. If needed, switch to the account that you want to connect to Monad.
- Click Settings > Tokens > Create new token.
- In the dialog that appears, make sure that
WebAPIis selected andAgent (CI)is deselected in the Token Scopes section. - In the Description, enter something like
Monad Connector tokenso that it’s clear later what this token is for. - Copy the Secrets Value (the token value) to a secure place so you can use it to set up the connector. Once you close this dialog, you cannot view the token value again.
Set up a Semgrep input connector in Monad
To set up a Semgrep connector, you need an API token. Once you have this information, you can set up the connector:
- Log in to your Monad account, and click Add connector.
- Select the Semgrep connector.
- Optionally, change the default name for the connector. This name serves as a label for the connector in the Monad app, and you can change it later.
- Enter the API token you created.
- (Optional) - set your connector schedule
- Click Connect.
That’s it! Monad tests the connection to Semgrep. If the account is configured correctly, you’re ready to pull your Semgrep data into Monad!
This page was last modified: 9 Oct 2023