Need help with other JFrog products?
JFrog Enterprise+
JFrog Artifactory
JFrog Xray
JFrog Mission Control
JFrog Distribution
[JFrog Pipelines]
JFrog Access
JFrog CLI
Good news! Enterprise-scale distribution is now handled through the robust JFrog Platform.
Please contact us with any questions.
You can generate a signed URL using the URL signing API call. With this call, you specify which file you want to distribute, as well as an optional expiry date for the generated URL.
Using the Re-generate Subject URL Signing Key API call.
By editing your organization’s profile page.
Regenerating the URL signing key
Once you regenerate your organization’s URL signing key, any signed URLs that you have previously distributed will be rendered invalid.
When your organization is on a Pro or Enterprise account, Bintray provides a more flexible way to provide fine-grained access control using Access Keys (formerly "Download Keys") and Entitlements.
Entitlements are permissions assigned to different entities that contain files. These may be:
Products*
Repositories
Packages
Versions*
Paths in a repository
*Product level entitlements are available only for Enterprise Account.
*Version level entitlements are available in all repository types except Maven.
Access Keys are unique identifiers generated for anyone who is not in one of your Bintray teams (such as external users), and to which permissions specified in Entitlements are assigned. Optional parameters are available including: expiry of key, existence check of the source identity, and CIDRs to control access from different IPs.
Any user who has received an access key can use that key (together with the password provided) to sign in to and navigate through Bintray. When signing in with an access key, the user is "scoped" and can only access those parts of the Bintray UI that are accessible according to the entitlements associated with the access key.
Say, for example, that you’ve created a Docker repo named "client1-images" under the "myorg" organization, and you’ve also created a download key under "myorg" with the id of "bob" and the password "secret".
Now, to allow bob to use the "client1-images" Docker repo, you simply need to create an entitlement on the "client1-images" repo containing the "bob" download key id (in the access_keys
field), with "rw" access.
This will allow the user bob to push and pull from the "client1-images" repo using the username "bob@myorg" (remember, access keys are scoped) and the password "secret".
You can attach any number of arbitrary strings as tags to any entitlement you create, and then search for entitlements according to those tags. This offers a way to categorize entitlements according to any scheme you find convenient. To manage entitlement tags (i.e. add or delete them to existing entitlements), you can use the Update Entitlement REST API endpoint.
For more information about how to create and use entitlements, please refer to the Entitlements REST API.