Security Configuration JSON

JFrog REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Legend

Element

Description

+

Mandatory element in create/replace queries, optional in "update" queries

-

Optional element in create/replace queries

!

Read-only element

(default)

The default value when unspecified in create/replace queries

application/vnd.org.jfrog.artifactory.security.User+json

{
  - "name": "davids",
  + "email" : "davids@jfrog.com",
  + "password": "***" (write-only, never returned),
  - "admin": false (default),
  - "profileUpdatable": true (default),
  - "disableUIAccess" : true,
  - "internalPasswordDisabled": false (default),
  ! "lastLoggedIn": ISO8601 (yyyy-MM-dd'T'HH:mm:ss.SSSZ),
  ! "realm": "Realm name (e.g. internal, saml, oauth, ldap, crowd, scim)",
  - "groups" : [ "deployers", "users" ],
  - "watchManager": false(default),
  - "policyManager": false(default)
}

application/vnd.org.jfrog.artifactory.security.Group+json

{
  - "name": "dev-leads",
  - "description" : "The development leads group",
  - "autoJoin" : false (default, must be false if adminPrivileges is true),
  - "adminPrivileges" : false (default),
  - "realm": "Realm name (e.g. internal, saml, ldap, crowd, scim)",
  - "realmAttributes": "Realm attributes for use by LDAP"
  - "userNames" : [ "user1", "user2", "user3" ] //available from version 6.13 only for Update Group requests
  - "watchManager": false(default),
  - "policyManager": false(default),
  - "reportsManager": false (default)
  - "externalId" : "123"
  }

application/vnd.org.jfrog.artifactory.security.PermissionTarget+json

Permissions are set/returned according to the following conventions:

m=admin; d=delete; w=deploy; n=annotate; r=read; mxm=managedXrayMeta; x=distribute

name - limited to 64 characters

includePattern/excludePattern - limited to 1024 characters

{
  - "name": "populateCaches",
  - "includesPattern": "**" (default),
  - "excludesPattern": "" (default),
  + "repositories": ["local-rep1", "local-rep2", "remote-rep1"], // Permission targets are not supported for Virtual repositories.   
  - "principals": {
        "users" : {
          "bob": ["r","w","m"],
          "alice" : ["d","w","n", "r"]
        },
        "groups" : {
          "dev-leads" : ["m","r","n"],
          "readers" : ["r"]
        }
    }
}

application/vnd.org.jfrog.artifactory.security.PermissionTargetV2+json

Permissions are set/returned according to the following conventions:

read, write, annotate, delete, manage, managedXrayMeta, distribute

You can specify the name "ANY" in the repositories section in order to apply to all repositories, "ANY REMOTE" for all remote repositories and "ANY LOCAL" for all local repositories.

{
  - "name": "java-developers",
  - "repo": {
     - "include-patterns": ["**"] (default),
     - "exclude-patterns": [""] (default),
     + "repositories": ["local-rep1", "local-rep2", "remote-rep1"],
     - "actions": {
          "users": {
            "bob": ["read","write","manage"],
            "alice": ["write","annotate", "read"]
        },
          "groups": {
            "dev-leads": ["manage","read","annotate"],
            "readers": ["read"]
       }
    }
}
 - "build": {
     - "include-patterns": [""] (default),
     - "exclude-patterns": [""] (default),
     + "repositories": ["artifactory-build-info"] (default, can't be changed),
     - "actions": {
          "users": {
            "bob": ["read","manage"],
            "alice": ["write"]
          },
          "groups": {
            "dev-leads": ["manage","read","write","annotate","delete"],
            "readers": ["read"]
          }
    }
  }
 - "releaseBundle":{
    - "include-patterns": ["**"],
    - "exclude-patterns": [],
   + "repositories": ["release-bundles"],
   - "actions": {
        "users": {
          "user_name":["read", “write” etc..]
       }, 
        "groups":{
          "group_name":[“read”, “write” etc..]
       }
   }
}