Deploy Evidence

JFrog REST APIs

Content Type
REST API
ft:sourceType
Paligo

Subscription Information

This feature is supported with the Enterprise+ license.

Description: Deploys an evidence file for the designated subject that complies with the DSSE framework and the in-toto Attestation Framework. For details about the sequence of events during deployment, see Evidence Deployment Workflow.Evidence Deployment Workflow

Important

This API endpoint deploys an external evidence file that was created elsewhere. An efficient method for attaching evidence to a subject, such as an artifact, is to use the Create Evidence CLI. Using the CLI ensures that the payload conforms to the in-toto framework and that the envelope conforms to the DSSE framework. The CLI invokes the Deploy Evidence API to upload the evidence to Artifactory.Evidence PayloadEvidence Envelope

Since: 7.104.2

Security: Requires a valid token; requires Read and Annotate permissions to the subject repository path

Usage: POST /evidence/api/v1/subject/{subject-repo-path}

Content Type: application/json

Sample Request:

curl -T evidence.json -X POST "{artifactory-host}/evidence/api/v1/subject/{subject-repository-path}

Sample Response:

{
    "repository": "commons-dev-generic-local",
    "path": "commons/1.0.0/file.txt",
    "name": "code-review-1717748704938.json",
    "uri": "commons-dev-generic-local/.evidence/6899195b7f70e1362509b729a278ee58311b366f38630281c70dfc2ebeb20f4d/69d29925ba75eca8e67e0ad99d1132b47d599c206382049bc230f2edd2d3af30/code-review-1717748704938.json",
    "sha256": "cb3ba23a1da137668c03fd609b6fc4c1a35b6fd5cc98cce238465f8170a57a7a",
    "predicate_category": "Quality",
    "predicate_type": "https://jfrog.com/evidence/code-review/v0.1",
    "predicate_slug": "code-review",
    "created_at": "2025-01-01T00:00:00.000Z",
    "created_by": "admin"
}

Status Codes:

Code

Description

201

Created

401

Bad Credentials

403

Permission Denied

404

Not Found