Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Summary
When manually uploading the scan.json file, SSC prompts that this file type is not supported. The scan.json file can be uploaded with an API call.
Products
Fortify Static Code Analyzer
Environment
Software Security Center (SSC) 22.1
Windows and Linux
Situation
Uploading the Snyk verification result scan.json file through the API gets an authentication error. The following command was run to upload the file:
curl --noproxy localhost -X POST --form files=@"scan.json" "http://localhost:8080/ssc/upload/resultFileUpload.html?mat=<TOKEN>&entityId=2&engineType=SNYK""
The following response was received with the authentication error:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns4:GenericResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"" xmlns:ns2 ="xmlns://www.fortify.com/schema/audit"" xmlns:ns3="xmlns://www.fortifysoftware.com/schema/wsTypes"" xmlns:ns4="http://www.fortify.com/ schema/fws" xmlns:ns5="xmlns://www.fortify.com/schema/issuemanagement"" xmlns:ns6="xmlns://www.fortifysoftware.com/schema/activitytemplate"" xmlns:ns7="xmlns:/ /www.fortifysoftware.com/schema/seed"" xmlns:ns8="xmlns://www.fortifysoftware.com/schema/runtime"" xmlns:ns9="xmlns://www.fortify.com/schema/attachments">; <ns3:code>-10312</ns3:code><ns3:msg>Token based authentication failed. </ns3:msg></ns4:GenericResponse>
Cause
An invalid token is being used.
Read Full Knowledge Base Article for Resolution steps.
URL Name
KM000015876