What happens if you disable "Use API Roles"? Basic Auth API should still work until you are updated to Jamf 11.5. API roles are very convoluted, and there is a decent chance the roles are not set correctly.

On an unrelated side note, I really don't care for Jamf Compliance Editor. It is a side project with little effort from Jamf themselves and it shows. I suppose it's great for an inexperienced admin, but I'll just do everything manually if it was down to doing it myself or using Jamf Compliance Editor. 

Are you using the latest version, 1.3.1, I believe? I didn't run into this, as my upload was seamless. Try on another Mac or a different network? Worst-case scenario, you dig into the project files and upload the profiles and script manually to your Jamf.

My take is a little different.

This JCE saved me a ton of time for macOS, and soon, I'll be using this for iOS. Yes, we can follow the CIS Benchmark Guides and manually set it up.

But the JCE stamps the profiles for you, labels them, and offers remediation scripts for controls that aren't met by profiles. The upload for me was seamless. I did run into a bug here or two, but no showstoppers. 

The rollout to the fleet was pretty seamless. It was accurate when we did a security scan to check the CIS controls. Also, there was no customer impact.

For me, the JCE is a cheat code.

@AJPinto you can do it manually. JCE is just a front end gui to the macOS Security Compliance Project(https://github.com/usnistgov/macos_security). There's a walk through on the wiki and a ton of videos on YouTube on how to use it 

Correct, my JCE is a lasted version 1.3.1 (506) and my Jamf Pro is SaaS with Version11.5.0.

The thing why I had to upload load to Jamf Pro via this JCE because it can run a report via Jamf Pro instead of uploading manually with a lot of profiles and extensions.