Synopsis
fcli sc-dast session login [--session=<sessionName>] [[-h] [--env-prefix=<envPrefix>] [--log-file=<logFile>] [--log-level=<logLevel>]] ] [--store=_variableName[:<propertyNames>]] [--to-file=<outputFile>]] ([-k] [--socket-timeout=<socketTimeout>] [--connect-timeout=<connectTimeout>] --ssc-url=<url>) ((-u=<user> -p[=<password>] [--expire-in=<expireIn>]) | -t[=<token>])
Description
This command stores the SSC and ScanCentral DAST API URL and authentication token in an encrypted session file in the fcli state data folder, for use by other 'fcli sc-dast' commands to connect to the specified SSC/ScanCentral DAST instance. Option values may be passed on the command line or specified through environment variables (common for CI/CD pipeline use) as listed below.
When logging in with username and password, this command will connect to SSC to generate a CIToken; the user password is not stored by fcli. When logging in with a pre-generated CIToken, this token will be stored as-is after checking its validity. Note that on SSC 23.2 or below, fcli cannot determine when a pre-generated token will expire.
For interactive use, you may choose to keep the session open until it expires. For CI/CD integrations and other automations, you should always issue a logout command once work is complete. On shared/non-containerized systems, consider setting FCLI_STATE_DIR or FCLI_DATA_DIR environment variables to prevent unexpected interactions between different pipelines.
Options
- --session=<sessionName>
-
Name for this ScanCentral DAST session. Default value: default.
- -u, --ssc-user=<user>
-
SSC user name.
Environment variables:
FCLI_DEFAULT_SSC_USER: Shared with SSC/SC SAST
FCLI_DEFAULT_SC_DAST_SSC_USER: Only SC DAST commands
- -p, --ssc-password[=<password>]
-
SSC password.
Environment variables:
FCLI_DEFAULT_SSC_PASSWORD: Shared with SSC/SC SAST
FCLI_DEFAULT_SC_DAST_SSC_PASSWORD: Only SC DAST commands
- --expire-in=<expireIn>
-
Specify for how long the session should remain active, for example 1d (1 day), 2M (2 months), 1y (1 year).
Default: 3d
- -t, --ssc-ci-token[=<token>]
-
SSC CIToken in either encoded (REST) or decoded (application) format.
Environment variables:
FCLI_DEFAULT_SSC_CI_TOKEN: Shared with SSC/SC SAST
FCLI_DEFAULT_SC_DAST_SSC_CI_TOKEN: Only SC DAST commands
- --ssc-url=<url>
-
SSC URL.
Environment variables:
FCLI_DEFAULT_SSC_URL: Shared with SSC/SC SAST
FCLI_DEFAULT_SC_DAST_SSC_URL: Only SC DAST commands
- -k, --insecure
-
Disable SSL checks.
- --socket-timeout=<socketTimeout>
-
Socket timeout for this session, for example 30s (30 seconds), 5m (5 minutes). Default value: 60 seconds.
- --connect-timeout=<connectTimeout>
-
Connection timeout for this session, for example 30s (30 seconds), 5m (5 minutes). Default value: 10 seconds.
Output options
- -o, --output=format[=<options>]
-
Specify output format and options. Available output formats: csv, csv-plain, json, json-flat, table, table-plain, tree, tree-flat, xml, xml-flat, yaml, yaml-flat, expr, json-properties. The 'expr' output format takes a string containing '{property}' placeholders, other output formats take an optional, comma-separated list of properties to include in the output. Use '-o json-properties' on the current command to see available properties.
- --store=variableName[:<propertyNames>]
-
Store the JSON results of this command in a variable. Variables can be managed through the 'fcli util variable' command, and can be referenced using ::variable::[property] on any subsequent command.
- --to-file=<outputFile>
-
Write command output to the specified file instead of stdout.
Generic fcli options
- -h, --help
-
Show this help message and exit. Use 'fcli <command> -h' to display help for subcommands.
- --env-prefix=<envPrefix>
-
Environment variable prefix for resolving default option and parameter values. Default value is FCLI_DEFAULT.
- --log-file=<logFile>
-
File where logging data will be written. Defaults to fcli.log in current directory if --log-level is specified.
- --log-level=<logLevel>
-
Set logging level. Note that DEBUG and TRACE levels may result in sensitive data being written to the log file. Allowed values: TRACE, DEBUG, INFO, WARN, ERROR.