Incomplete Recognition of Users/Projects Created through APIs.

[akshayd3v]

Current Behavior

We've been encountering a hurdle in our workflow and despite our attempts to seek assistance through the channel, we've unfortunately not received any responses.

Our current focus is on programmatically determining the extent of users/projects associated with a Dependency Track instance through APIs. However, it appears that the existing API functionality logs only account for users/projects manually defined via the dependency track user interface. Regrettably, users or projects established through APIs in CI/CD pipelines or scripts aren't being recognized.

We are invoking API using below curl method.

curl -X "POST" "http://dtrack.example.com/api/v1/bom" \
     -H 'Content-Type: multipart/form-data' \
     -H "X-Api-Key: xxxxxxx" \
     -F "autoCreate=true" \
     -F "projectName=xxxx" \
     -F "projectVersion=xxxx" \
     -F "bom=@target/bom.json"

But we do not get created logs using via API method mentioned above

We're reaching out to inquire if there are any strategies or recommendations you could offer to help us overcome this obstacle. Your insights would be invaluable to us in resolving this issue and optimizing our workflow.

Proposed Behavior

Our Proposed behaviour is that when we invoke API using below curl method.

curl -X "POST" "http://dtrack.example.com/api/v1/bom" \
     -H 'Content-Type: multipart/form-data' \
     -H "X-Api-Key: xxxxxxx" \
     -F "autoCreate=true" \
     -F "projectName=xxxx" \
     -F "projectVersion=xxxx" \
     -F "bom=@target/bom.json"

We should got this type of logs .

Checklist

• [X] I have read and understand the contributing guidelines
• [X] I have checked the existing issues for whether this enhancement was already requested

[robertlagrant]

This sounds good, although I think the log line would have to be something like created by group Administrators as I believe API keys are associated with groups.