Authentication is done in the request JSON by specifying the APIKey and AppID (named ProjectID).
The APIKey
This is the key we use to connect to your specific application in ACR. You create the APIKey under the App Settings of the application you want to review in ACR. Make sure you give it a fitting name, so you know where you are using it.
See here for code review APIKey
See here for CI/CD APIkey
See here for security APIKey
The AppID
The AppID is the unique code used to identify your application within the Mendix ecosystem. You find the AppID within Mendix Sprintr. Select the application you want to review in the app overview, go to General Settings, and there you find the AppID.
Usage from CI/CD
API Account
An API account is where in our CI/CD you configure how to login into other apps. So if you are using another CI/CD tool you do not need API accounts!
If you have created an APIKey you can copy-paste it here into an API account, so a CI/CD pipeline job can use this API account to ‘login’.
See here for how to manage API accounts.
Auto check account
For scheduled and on commit CI/CD pipelines a Mendix account must be used that has access. Please follow the steps described in App settings to ensure a Mendix account is configured, either a special user or a normal user.