Semgrep is a Security input connector. Connect to your Semgrep API to start collecting vulnerability data. Create a Semgrep API token with the Web UI permissions before connecting.

IP Allowlists

You might need to add the Monad IP range of to your Semgrep allowlist, so Monad can connect to it.

Create a Semgrep API token

Before you connect Monad to Semgrep, you need an API token. API tokens are scoped to include all projects from a specific account in Semgrep.

Please make sure that your account is on Semgrep Code Team tier to have access to the API endpoints.

To generate a new Semgrep API token,

  1. Log in to Semgrep, and check the top left corner to confirm which account you are using. If needed, switch to the account that you want to connect to Monad.
  2. Click Settings > Tokens > Create new token.
  3. In the dialog that appears, make sure that WebAPI is selected and Agent (CI) is deselected in the Token Scopes section.
  4. In the Description, enter something like Monad Connector token so that it’s clear later what this token is for.
  5. Copy the Secrets Value (the token value) to a secure place so you can use it to set up the connector. Once you close this dialog, you cannot view the token value again.

Set up a Semgrep input connector in Monad

To set up a Semgrep connector, you need an API token. Once you have this information, you can set up the connector:

  1. Log in to your Monad account, and click Add connector.
  2. Select the Semgrep connector.
  3. Optionally, change the default name for the connector. This name serves as a label for the connector in the Monad app, and you can change it later.
  4. Enter the API token you created.
  5. (Optional) - set your connector schedule
  6. Click Connect.

That’s it! Monad tests the connection to Semgrep. If the account is configured correctly, you’re ready to pull your Semgrep data into Monad!

This page was last modified: 9 Oct 2023