Subscription Information
This feature is supported with the Enterprise+ license.
Description: Deploys an evidence file for the designated subject that complies with the DSSE framework and the in-toto Attestation Framework. For details about the sequence of events during deployment, see Evidence Deployment Workflow.
Important
This API endpoint deploys an external evidence file that was created elsewhere. An efficient method for attaching evidence to a subject, such as an artifact, is to use the Create Evidence CLI. Using the CLI ensures that the payload conforms to the in-toto framework and that the envelope conforms to the DSSE framework. The CLI invokes the Deploy Evidence API to upload the evidence to Artifactory.
Since: 7.104.2
Security: Requires a valid token; requires Read and Annotate permissions to the subject repository path
Usage: POST /evidence/api/v1/subject/{subject-repo-path}
Content Type: application/json
Sample Request:
curl -T evidence.json -X POST "{artifactory-host}/evidence/api/v1/subject/{subject-repository-path}
Sample Response:
{ "repository": "commons-dev-generic-local", "path": "commons/1.0.0/file.txt", "name": "code-review-1717748704938.json", "uri": "commons-dev-generic-local/.evidence/6899195b7f70e1362509b729a278ee58311b366f38630281c70dfc2ebeb20f4d/69d29925ba75eca8e67e0ad99d1132b47d599c206382049bc230f2edd2d3af30/code-review-1717748704938.json", "sha256": "cb3ba23a1da137668c03fd609b6fc4c1a35b6fd5cc98cce238465f8170a57a7a", "predicate_category": "Quality", "predicate_type": "https://jfrog.com/evidence/code-review/v0.1", "predicate_slug": "code-review", "created_at": "2025-01-01T00:00:00.000Z", "created_by": "admin" }
Status Codes:
Code | Description |
---|---|
201 | Created |
401 | Bad Credentials |
403 | Permission Denied |
404 | Not Found |