Synopsis

fcli util rpc-server start [[-h] [--env-prefix=<prefix>] [--log-file=<logFile>] [--log-level=<logLevel>] [--log-mask=<level>] [--debug]]

Description

The fcli JSON-RPC server provides a simple JSON-RPC 2.0 interface for IDE plugins and other tools to interact with Fortify products through fcli. Unlike the MCP server which is designed for LLM integration, the RPC server exposes a smaller set of general-purpose methods suitable for programmatic access from IDE plugins.

The server reads JSON-RPC requests from stdin and writes responses to stdout, one JSON object per line. Sessions are automatically logged out when the server terminates.

Available RPC methods:

SESSION METHODS (per product):

  • fcli.ssc.login: Login to SSC Parameters:

  • url (string, required): SSC URL

  • user (string): Username for user/password auth

  • password (string): Password for user/password auth

  • token (string): UnifiedLoginToken or CIToken

  • client-auth-token (string, optional): SC-SAST client auth token

  • sc-sast-url (string, optional): SC-SAST controller URL

  • expire-in (string): Token expiration (e.g., "1d", "8h")

  • insecure (boolean): Allow insecure connections Note: Requires one of (user+password) or token

  • fcli.ssc.logout: Logout from SSC session

  • fcli.fod.login: Login to FoD Parameters:

  • url (string, required): FoD URL (e.g., "https://ams.fortify.com")

  • client-id (string): API client ID

  • client-secret (string): API client secret

  • user (string): Username

  • password (string): Password

  • tenant (string): Tenant name (required for user/password)

  • insecure (boolean): Allow insecure connections Note: Requires either (client-id+client-secret) or (user+password+tenant)

  • fcli.fod.logout: Logout from FoD session

    EXECUTION METHODS:

  • fcli.execute: Execute an fcli command synchronously and return ALL results Parameters:

  • command (string, required): The fcli command to execute (e.g., "ssc appversion list")

  • collectRecords (boolean, optional): If true, collect structured records instead of stdout Note: For large datasets, use fcli.executeAsync + fcli.getPage instead

  • fcli.executeAsync: Start async command execution, returns cacheKey for paged retrieval Parameters:

  • command (string, required): The fcli command to execute Returns: cacheKey to use with fcli.getPage

  • fcli.getPage: Retrieve a page of results from cache Parameters:

  • cacheKey (string, required): Cache key from fcli.executeAsync

  • offset (integer, optional): Start offset (default: 0)

  • limit (integer, optional): Max records per page (default: 100)

  • wait (boolean, optional): Wait for completion if still loading (default: false)

  • waitTimeoutMs (integer, optional): Max wait time in ms (default: 30000)

  • fcli.cancelCollection: Cancel an in-progress async collection Parameters:

  • cacheKey (string, required): Cache key to cancel

  • fcli.clearCache: Clear cache entries Parameters:

  • cacheKey (string, optional): Specific key to clear, or omit to clear all

    INFO METHODS:

  • fcli.listCommands: List available fcli commands with optional filtering Parameters:

  • module (string, optional): Filter by module (e.g., "ssc", "fod")

  • runnableOnly (boolean, optional): If true, only return runnable (leaf) commands

  • includeHidden (boolean, optional): If true, include hidden commands

  • fcli.version: Get fcli version information Parameters: none

  • rpc.listMethods: List available RPC methods Parameters: none

Typical workflow: 1. Call fcli.ssc.login or fcli.fod.login with credentials 2. Execute commands via fcli.execute or fcli.executeAsync 3. Session options are automatically added to commands 4. Sessions are logged out automatically when RPC server terminates

Example JSON-RPC requests:

{"jsonrpc":"2.0","method":"fcli.ssc.login","params":{"url":"https://ssc.example.com","token":"mytoken"},"id":1} {"jsonrpc":"2.0","method":"fcli.execute","params":{"command":"ssc appversion list","collectRecords":true},"id":2} {"jsonrpc":"2.0","method":"fcli.ssc.logout","id":3}

Generic fcli options (also see documentation link below)

--debug

Enable collection of debug logs.

--env-prefix=<prefix>

Prefix for resolving default option values. Default value: FCLI_DEFAULT.

-h, --help

Use 'fcli [command] -h' to display help for fcli (sub-)commands.

--log-file=<logFile>

Write log output to file. Default: ./fcli.log if logging is enabled.

--log-level=<logLevel>

Set logging level: TRACE, DEBUG, INFO, WARN, ERROR, NONE.

--log-mask=<level>

Log mask level: high, medium, low, none. Default: medium. Masking is done on a best-effort basis; no guarantee that all sensitive data will be masked.