Install and configure an agent

To instrument an application with Contrast you need to install and configure the agent that corresponds to the language your application uses. Most agents can be downloaded from a package manager or repository.

Installation varies depending on the agent, on which Contrast product(s) you are using and on where you want to install Contrast. For example, this could be:

  • On an application server or web server

  • In a build pipeline or container

  • In a Develop, QA or Production environment

Installation

Depending on your situation, you may install the agent directly or with the help of integrations that work with Contrast.

Consider your goals for Contrast and consult specific installation instructions for the agent you want to use:

Configuration

When you install an agent, you must configure it so that it recognizes your application and can communicate information back to Contrast. At a minimum, you need to supply four basic agent keys (find them here):

  • api.api_key: Your organization's API key

  • api.user_name: Contrast user account (in most cases your login ID)

  • api.service_key: Contrast user account service key

  • api.url: Address of the Contrast installation you would like your agent to report to. Defaults to: https://app.contrastsecurity.com

Tip

You can download a YAML configuration file that is pre-populated with your organization keys. Select Add agent in the Contrast web interface and choose your application language to find a download link.

Add Agent button is shown next to the search bar and user name.

You can further configure by using environment variables, a YAML configuration file, command line or other methods native to the language and tools you are using. Configuration follows this order of precedence.

Consider your goals for Contrast and consult specific configuration instructions for the agent you want to use: