Try JFrog
API Reference
Contact SupportTry JFrog

Prepare Evidence for Signing

post
https://{jfrog_url}/evidence/api/v1/evidence/prepare

Prepares an in-toto statement for external signing. Returns the DSSE payload (base64-encoded) and the URL to POST the signed envelope to.

This is the first step in a two-step evidence creation flow:

  1. Call this endpoint to prepare the statement and receive the DSSE payload
  2. Sign the payload externally and POST the signed DSSE envelope to the returned post_url
Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Query Params
string
enum

When set to true, includes the Pre-Authentication Encoding (PAE) string in the response

Allowed:
Body Params

In-toto statement generation request containing the predicate, predicate type, and subject information

Request to prepare an in-toto statement for external signing

predicate
object
required

The in-toto predicate JSON object containing the attestation claims

string
required

Predicate type URI (e.g., https://slsa.dev/provenance/v0.2)

string

Optional markdown representation of the evidence

string

Evidence provider identifier

subject
object
required

Subject information identifying the artifact, build, package, release bundle, or application version

attachments
array of objects
length ≤ 1

Source references to attachment files in Artifactory. The service resolves sha256 values during prepare. At most one attachment is supported. Requires Artifactory >= 7.142.0.

attachments
string

JFrog project key

Responses

Updated 3 days ago

Language
Credentials
Bearer
JWT
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json

Updated 3 days ago