You will need a Snyk account to run scans. Snyk is available for free and all you need is a valid email address to register. Once you register, you can perform scans and view results locally or on the website.
Login or Create a free account here.
You can read more about Snyk Access Token from their docs here.
The Snyk Command-Line-Interface (CLI) is highly portable and very popular with end users. We’ll use the Snyk CLI in this workshop to collect and send results about your vulnerabilities.
Start by downloading the Snyk CLI to your environment. In this workshop, we’ll prescribe steps to save time and you can find more details on the Snyk documentation site at: https://docs.snyk.io/snyk-cli/install-the-snyk-cli
You will need to authenticate on the CLI with your API token.
If you are working on your local machine, simply run snyk auth and a browser should automatically open prompting you to authenticate. Accept that (logging in, if needed) and your CLI should show the following:
Your account has been authenticated. Snyk is now ready to be used.
If you are running remotely and the automatic authentication is not available you can manually authenticate by navigating to your Snyk Account (https://app.snyk.io/account), and get your API_TOKEN by clicking into your Account Settings -> API Token section.
In the KEY field, click your “click to show” box to copy your API token.
You can then run this command where API_TOKEN is the value you copied.
snyk auth API_TOKEN.
That should be it! Your response should look like the following:
snyk auth 12345678-abcd-efgh-1234head5678bead
Your account has been authenticated. Snyk is now ready to be used.