Using the latest version?
JFrog Platform User Guide
JFrog Artifactory 6.x Documentation
To get the latest version, go to the JFrog Unified Platform
You can configure authentication for remote repositories by specifying remote credentials.
- Personal Access Token (PAT)
- In the Admin module, go to Remote Repository | Advanced.
- Under Remote Authentication, enter your remote credentials in the following screen:
a. Under Remote Authentication, enter a username in the Username field.
b. Enter a password in the Password/Access Token field.
- Personal Access Tokens (PAT) (From Artifactory 6.18 and later)
a. Create the PAT in the service provider and copy the PAT to the clipboard.
b. Under Remote Authentication, paste the PAT into the Password/Access Token field.
c. Enter a username in the Username field.
Even though you are using the PAT instead of a password, you cannot leave this field empty. You can enter any arbitrary username.
4. Click Save & Finish.
|The username that should be used for HTTP authentication when accessing this remote proxy. When a PAT is used for authentication, an arbitrary username can be entered into this field, but the field must not be left empty.|
|The password or personal access token (PAT) that should be used for HTTP authentication when accessing this remote proxy.|
|The SSL/TLS certificate this repository should use for authentication to the remote resource for which it is a proxy.|
Foreign Layers Caching
Enable Foreign Layers Caching
Disabled by default
Enable this feature to allow Artifactory to download foreign layers to a Docker remote repository.
Include patterns to match external URLs when trying to download foreign layers.
Specify a whitelist of Ant-style path expressions that specify where foreign layers may be downloaded from. Supported expressions include (*, **, ?).
By default, this field is set to ** which means that foreign layers may be downloaded from any external source.
|If your organization requires you to go through a proxy to access a remote repository, this parameter lets you select the corresponding Proxy Key.|
For more details on setting up proxies in Artifactory please refer to Managing Proxies.
When working on multi-homed systems, this parameter lets you specify which specific interface (IP address) should be used to access the remote repository.
The time (in ms) that Artifactory waits (for both a socket and a connection) before giving up on an attempt to retrieve an artifact from a remote repository.
A custom set of parameters that should automatically be included in all HTTP requests to this remote repository.
Lenient Host Authentication
|When set, allows using the repository credentials on any host to which the original request is redirected.|
|When set, the repository will allow cookie management to work with servers that require them.|
Using Oracle Maven Repository
To use Oracle Maven Repository:
- Set your Oracle credentials in Username and Password of the Remote Credentials
- Set Lenient Host Authentication
- Set Enable Cookie Management.
Artifactory stores artifacts retrieved from a remote repository in a local cache. The Cache Settings specify how to manage cached artifacts.
Caching Maven artifacts
Caching for Maven artifacts is only applicable to snapshots since it is assumed that releases never change.
Unused Artifacts Cleanup Period
Many cached artifacts in Artifactory remote repository storage are actually unused by any current projects in the organization. This parameter specifies how long an unused artifact will be stored before it is removed. Once reaching this period Artifacts will be removed in the next invocation of cleanup. For more details please refer Cleanup Unused Cached Artifacts in Regular Maintenance Operations.
Leaving the field empty (default) means that the artifact is stored indefinitely.
Metadata Retrieval Cache Period
Defines how long before Artifactory checks for a newer version of a requested artifact in a remote repository.
On which file types does this parameter work?
This setting refers to artifacts that expire after a period of time (e.g. metadata files such as
Note that most artifacts that are downloaded do not change (e.g. release versions), therefore this setting has no effect on them.
Metadata Retrieval Cache Timeout
Allows you to control the Metadata timeout performance. If the timeout is reached, the previous metadata is returned to the client, as a lock was not applied due to new metadata, leaving the previous request hanging.
Assumed Offline Period
In case of a connection error, this parameter specifies how long (in seconds) Artifactory should wait before attempting an online check in order to reset the offline status.
Missed Retrieval Cache Period
If a remote repository is missing a requested artifact, Artifactory will return a "404 Not found" error. This response is cached for the period of time specified by this parameter. During that time, Artifactory will not issue new requests for the same artifact.
"Zapping" a cache means forcing the Retrieval Cache Period and Missed Retrieval Cache Period to time out. To "zap" a cache, in the Artifacts module Tree browser,
Select the repository cache you wish to "zap" and click Zap caches in the right-click menu or Actions drop-down menu.
Select Property Sets
Defines the property sets that will be available for artifacts stored in this repository.
Setting Priority Resolution takes precedence over the resolution order when resolving virtual repositories. Setting repositories with priority will cause metadata to be merged only from repositories set with this field. If a package is not found in those repositories, Artifactory will merge metadata from the repositories that have not been set with the Priority Resolution field.
Priority Resolution is supported for Alpine, Bower, Conan, Conda, Cran, Docker, Go, Gradle, Ivy, Maven, npm, Nuget, Puppet, PyPI, RubyGems, and SBT packages.
|If set, Artifactory ignores this repository when trying to resolve artifacts. The repository is also not available for download or deployment of artifacts.|
Allow content browsing
When set, allows Artifactory users to browse the internal contents of archives (for example, browsing specific Javadoc files from within a Javadoc archive).
When archive browsing is allowed, strict content moderation should be employed to ensure malicious users do not upload content that may compromise security (e.g. cross-site scripting attacks)
Store artifacts locally
When set, Artifactory artifacts from this repository will be cached locally. If not set, direct repository-to-client streaming is used.
When might you use direct repository-to-client streaming?
If your organization has multiple servers connected over a high speed LAN, you may have one instance of Artifactory caching data on a central storage facility with additional instances of Artifactory running on other servers. In this case, it makes sense for the additional instances of Artifactory to act as satellite pass-through servers rather than have them duplicate the cached data within their own environments.
|When set, synchronizes properties of artifacts retrieved from a remote instance of Artifactory.|
Bypass HEAD Requests
|When set, Artifactory will not send a HEAD request to the remote resource before downloading an artifact for caching|
Block Mismatching Mime Types
|When set, artifacts will fail to download if a mismatch is detected between the requested and received mime type, according to a list specified in the |
Override Default Blocked Mime Types
|The set of mime types that should override the Block Mismatching Mime Types setting.|
Propagate Query Params
When set, if query params are included in the request to Artifactory, they will be passed on to the remote repository.
Generic Repositories Only
This setting is only available for Generic type repositories.