From b4f0ddcb7818d11671aa21b5f27cb98cd67918da Mon Sep 17 00:00:00 2001 From: jramos Date: Mon, 13 Apr 2026 13:55:15 -0600 Subject: [PATCH] fix: use JSON POST instead of multipart for Ivanti map endpoint --- backend/routes/ivantiFpWorkflow.js | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/backend/routes/ivantiFpWorkflow.js b/backend/routes/ivantiFpWorkflow.js index 882d5a3..917051c 100644 --- a/backend/routes/ivantiFpWorkflow.js +++ b/backend/routes/ivantiFpWorkflow.js @@ -858,11 +858,21 @@ function createIvantiFpWorkflowRouter(db, requireAuth) { } const mapUrl = `/client/${encodeURIComponent(clientId)}/workflowBatch/falsePositive/${encodeURIComponent(mapUuid)}/map`; - const formFields = [{ name: 'subjectFilterRequest', value: buildSubjectFilterRequest(findingIds) }]; + const mapBody = { + subject: 'hostFinding', + filterRequest: { + filters: [{ + field: 'id', + exclusive: false, + operator: 'IN', + value: findingIds.map(id => String(id)).join(',') + }] + } + }; let mapResult; try { - mapResult = await ivantiFormPost(mapUrl, formFields, [], apiKey, skipTls); + mapResult = await ivantiPost(mapUrl, mapBody, apiKey, skipTls); } catch (networkErr) { logAudit(db, { userId: req.user.id, username: req.user.username, @@ -876,7 +886,7 @@ function createIvantiFpWorkflowRouter(db, requireAuth) { if (mapResult.status !== 200 && mapResult.status !== 201 && mapResult.status !== 202) { console.error('[mapFindings] Ivanti map failed — status:', mapResult.status, 'body:', (mapResult.body || '').substring(0, 500)); console.error('[mapFindings] Request URL:', mapUrl); - console.error('[mapFindings] Request fields:', JSON.stringify(formFields)); + console.error('[mapFindings] Request body:', JSON.stringify(mapBody)); const errorMap = { 401: 'Ivanti API key is invalid or missing. Contact your administrator.', 419: 'API key lacks permissions for this operation.',