<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Black Duck on Software Factory</title><link>/use/tools/blackduck-sca/</link><description>Recent content in Black Duck on Software Factory</description><generator>Hugo</generator><language>en</language><atom:link href="/use/tools/blackduck-sca/index.xml" rel="self" type="application/rss+xml"/><item><title>Secrets in Black Duck SCA</title><link>/use/tools/blackduck-sca/secret/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/blackduck-sca/secret/</guid><description>&lt;p&gt;&lt;a href="/use/tools/blackduck-sca/secret/#api-tokens"&gt;API Tokens&lt;/a&gt;
 are the only authentication method available in the
Software Factory, for both CI/CD pipelines and API access.&lt;/p&gt;
&lt;h2 id="api-tokens"&gt;API Tokens&lt;a class="td-heading-self-link" href="#api-tokens" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;API tokens (referred to as &amp;ldquo;User Access Tokens&amp;rdquo; in the Black Duck documentation) are authentication
credentials that replace username/password combinations when accessing Black Duck APIs and scanning
tools.&lt;/p&gt;
&lt;p&gt;API tokens are tied to a specific user account and inherit the same permissions and roles as that
user.&lt;/p&gt;</description></item></channel></rss>