JFrog Help Center

Our new portal is coming soon!
Documentation + Knowledge Base

JFrog Help Center - A new knowledge experience is coming your way soon!


JFrog Access is the service that manages all aspects of authentication and authorization for all JFrog services under the hood. It stores all users, groups, permissions and Access tokens generated by any connected JFrog service. 

As part of the upgrade to the JFrog Platform, several changes were made to the permissions handled by Access. This document provides a detailed explanation of the permission migrations for the JFrog products in the JFrog Platform.

Page Contents

Permission Migration Per Product

JFrog Artifactory Migration

Permissions for Artifactory in Access did not change in the move from 6.x to 7.x.

JFrog Xray Migration

The following permissions changed in Xray.

Previous PermissionNew Permission
“Global” The new permissions are created for each resource type (repo, build) on any resource.
  • If the “resources” permission contains repositories, a new permission will be created with the resource type “repo” including the repositories' names.
  • If the “resources” permission contains builds, a new permission will be created with the resource type “build” including the build's names.

The following Xray actions changed.

Old ActionNew ActionDescription

Read performs the following actions:

  • Downloads artifacts and reads the metadata
  • Views and downloads build info artifacts from the artifactory-build-info a default repository and reads the corresponding build in the Builds page
  • Views and downloads Release Bundle artifacts from the relevant Release Bundle repository and reads the corresponding Release Bundles in the Distribution page
View_componentreadSee above
manage_componentmxm (manage_xray_metadata)Permission to trigger Xray scans on artifacts in repositories, creates and delete custom issues and license
manage_policiespolicy_manager role (user/group custom data)Permission to create , edit and view Policies

The Xray 2.0 Reports functionality was deprecated in 3.0.

The Xray 3.0 Reports, which are new a functionality, require new permissions

adminpolicy_manager role + mxm + readPermission to create , edit and view Policies, triggers Xray scans + perform the read actions above

JFrog Distribution Migration

The following resource types changed in Distribution.

Old Resource TypeNew Resource Type

The following Distribution actions changed.

Old ActionAction DescriptionNew Action
aadmin"r", "w", "x", "d"
wwrite/create/edit“r”, “w”
ddelete“r”, “d”
xdistribute“r”, “x”

JFrog Mission Control Migration

All permissions have been deleted.


In cases of conflicts in the display name, an index (1,2...) will be added to the display name.

Copyright © 2023 JFrog Ltd.