Create Access Token
You need an access token to use the JFrog Connect API. This page describes how to get tokens for Connect API v2.
Last updated
You need an access token to use the JFrog Connect API. This page describes how to get tokens for Connect API v2.
Last updated
For the JFrog Connect API v2, there are two types of access tokens, User (also called identity tokens) and Custom (also called scoped tokens). This increases the system security by enabling you to construct an access token that is very specific to the permissions allowed.
The tokens you create in Connect are valid only in Connect. However, if you create an admin token in Artifactory, you can use it in the Connect API v2.
In the Connect Settings, the Access Tokens tab shows a listing and brief description of the access tokens created in your account.
The Access Tokens table includes the following information in the columns:
Description: One or more words indicating what the token is for.
Subject: The user for whom the token was created.
Token ID: The UUID of the token.
Issued Date: The date and time the token was created.
Expiry Date: The date and time the token will expire.
Scope: An indication of the permissions allowed by the token.
To revoke a token, click the three dots at the end of the relevant row and click Revoke.
You can create the following types of access tokens:
User: This type is a standard access token. This token provides access according to the permissions defined for the user in the User Management page. This kind of token can be created in Connect or in the JFrog Platform.
Custom: These tokens, also known as scoped tokens, have permissions that are customized for a specific purpose. For example, the token may provide access to certain resources and functions only, but not to others. These tokens can be created only in Connect and only by the main user.
To create a new token, do the following:
Go to Settings in the left navigation bar and click the Access Tokens tab.
In the Access tokens tab, click the + on the upper right and enter a Description and Expiration Date for the new token.
Under Token Scope, choose User and select the name of the user from the dropdown list.
Generate the token.
To create a new token, do the following:
Go to Settings in the left navigation bar and click the Access Tokens tab.
In the Access tokens tab, click the + on the upper right and enter a Description and Expiration Date for the new token.
Under Token Scope, choose Custom and choose one of the Permissions Action Types. Permissions Action Type enables access to a certain feature or set of features in Connect, such as Data Monitor, Update, or Device.
Choose the Target Entity and the Permission Type from the respective lists. The options available in these lists vary according to Permissions Action Type you choose.
Click Add. The permission will be added to the table in the lower part of the page. You may create multiple permissions for the token, and each permission will appear as a row in the table. Once you have created all the necessary permissions, generate the token.
After you generate the new access token, it will be displayed.
Important:
For security reasons, the new token generated will not be stored. Ensure that you copy the token and save it in a safe place. Once you close the token display window, it will not be available again.
Do not expose the token in Postman or in any other API request tool. It is highly recommended to use a variable for your token, and not expose it directly.
Learn about the Connect API v2 and the details of all the API requests you can use.
