Connectors, Tools & Providers
The Connectors area lets you configure and manage all integrations with external services, including SCM providers, ticketing systems, container registries, cloud accounts, and custom security tools.
Overview
Connectors is divided into three tabs:
| Tab | Purpose | Examples |
|---|---|---|
| Connectors | Pre-built integrations that sync data or create artifacts (tickets, pull requests) | Jira, ServiceNow, GitHub App, container registries |
| Tools | External security scanners and custom tools that Plexicus can invoke | Checkmarx, Fortify, Black Duck, custom HTTP endpoints |
| Providers | Source control and cloud account connections | GitHub, GitLab, Azure DevOps, AWS, GCP, Azure |
Connectors Tab
Built-in connectors
The Connectors tab shows available integrations, organized by category:
SCM & Code
- GitHub (OAuth + Installation ID)
- GitLab
- Bitbucket Cloud
- Gitea
- Forgejo
- Azure DevOps
Ticketing
- Jira Cloud (OAuth)
- ServiceNow (OAuth token)
Container & Registry
- Docker Hub
- Amazon ECR
- Google Artifact Registry
- Azure Container Registry
- HashiCorp Artifactory
Cloud Accounts
- AWS (IAM role or access key)
- Google Cloud (service account)
- Azure (subscription)
- Oracle Cloud
Reporting
- AI Report Import
Configure a connector
- Click the connector card
- Click Configure or Connect
- Follow the provider's OAuth or token flow
- (If applicable) Configure stage workflow, field mapping, or other settings
- Click Test Connection
- Click Save or Finalize
Disconnect a connector
- Click the connector card
- Click Disconnect or Delete
- Confirm the action
Tools Tab
The Tools tab lists external security scanners and custom integrations that Plexicus can invoke during scans.
Pre-built tools
Pre-configured commercial and open-source security tools:
SAST
- Checkmarx (CxOne) — commercial
- Fortify SSC — commercial
- Sonarqube — commercial
SCA
- Black Duck — commercial
- Snyk — commercial
DAST
- Burp Suite Professional — commercial
Cloud Security
- Prowler — cloud compliance scanning
See Scanner Bundles for the complete catalog and parameter details.
Custom tools
Create custom tool integrations to invoke HTTP endpoints, scripts, or proprietary scanners:
- Click Add Custom Tool
- Provide:
- Tool Name: A descriptive name (e.g., "Internal SAST Endpoint")
- Endpoint URL: The HTTP endpoint that Plexicus will POST findings or scan requests to
- Authentication: API key, bearer token, or basic auth
- Parameters: Any tool-specific configuration (e.g., organization ID, workspace)
- Click Create
Test a tool
- Click the tool name
- Click Test
- Verify that the connection succeeds
Providers Tab
The Providers tab shows your connected source control and cloud account providers.
SCM providers
Plexicus supports seven source control systems:
| Provider | Type | Setup | Pull Requests | Notes |
|---|---|---|---|---|
| GitHub | Cloud / Self-hosted | OAuth + Installation ID | ✓ | Uses GitHub App for repo access |
| GitLab | Cloud / Self-hosted | Token + API URL | ✓ | Supports SaaS (gitlab.com) and self-hosted |
| Bitbucket Cloud | Cloud | OAuth token | ✓ | Bitbucket Cloud only; Bitbucket Server not supported |
| Gitea | Self-hosted | Token + URL | ✓ | Lightweight self-hosted forge |
| Forgejo | Self-hosted | Token + URL | ✓ | Forgejo fork of Gitea |
| Azure DevOps | Cloud / On-prem | Personal Access Token (PAT) | ✓ | Supports both cloud and TFS/on-premises |
| TFVC | On-prem | Shared Azure DevOps PAT | ✗ | Team Foundation Version Control; no PR support |
Cloud account providers
Connect cloud accounts for cloud security scanning (CSPM, workload protection, entitlement management):
AWS
- IAM Role (recommended) or access key
- Used for cloud scans and CSPM
Google Cloud
- Service Account JSON
- Used for cloud scans and CSPM
Azure
- Subscription ID + credentials
- Used for cloud scans and CSPM
Oracle Cloud
- Tenancy OCID + API signing key
- Used for cloud scans
Adding a new provider
- Click Add Provider in the Providers tab
- Select the provider type (GitHub, AWS, etc.)
- Follow the OAuth or credential flow
- Confirm that repositories or cloud accounts are discovered
- Click Finalize
Managing providers
View provider details
- Click the provider name
- View:
- Connected repositories or cloud accounts
- Webhook status (for SCM)
- Last sync time
Test provider connectivity
- Click the provider
- Click Test Connection
- Verify the status
Disconnect a provider
- Click the provider
- Click Disconnect
- Confirm; this will remove all repositories/accounts associated with it
Troubleshooting
"Connector not appearing"
- Some connectors require a specific subscription tier (e.g., ServiceNow is Scale+)
- Check your plan's entitlements
"Test connection failed"
- Verify credentials are correct and not expired
- For OAuth, re-authorize
- For tokens, confirm the token has the necessary scopes
"Repositories/accounts not discovered"
- Ensure the provider is fully connected and configured
- Wait a few moments for the sync to complete
- Refresh the page
"Custom tool endpoint timeout"
- Verify the endpoint URL is reachable from Plexicus
- Check firewall/network rules
- Ensure the endpoint responds within 30 seconds
Next Steps
Once your connectors and tools are configured, you can:
- Create and manage applications using connected SCM providers
- Configure scans to use external tools
- Set up ticketing to automatically create tickets from findings
- Manage cloud security for cloud account scans