Have a question? Want to report an issue? Contact JFrog support

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

File Statistics

Description: Item statistics record the number of times an item was downloaded, last download date and last downloader. Supported by local and local-cached repositories.
Since:
 3.1.0
Security:
 Requires read privileges
Usage:
 GET /api/storage/{repoKey}/{item-path}?stats
Produces: application/vnd.org.jfrog.storage.StatsInfo+json
Sample Output:

...

Description: Removes the current master key and deactivates master key encryption.
Since: 3.2.2
Notes: This is an advanced feature intended for administrators
Security: Requires a valid admin user
Usage: POST /api/system/decrypt
Produces: text/plain
Sample Usage:

Code Block
POST /api/system/decrypt

DONE

Set GPG Public Key

Description: Sets the public key that Artifactory provides to Debian and Opkg clients to verify packages
Security: Requires a valid admin user
Usage: PUT /api/gpg/key/public
Produces: text/plain
Since3.3
Sample Usage:

Code Block
PUT /api/gpg/key/public

Get GPG Public Key

Description: Gets the public key that Artifactory provides to Debian and Opkg clients to verify packages
Security: Requires an authenticated user, or anonymous (if "Anonymous Access" is globally enabled) 
Usage: GET /api/gpg/key/public
Produces: text/plain
Since3.3
Sample Usage:

Code Block
GET /api/gpg/key/public

Set GPG Private Key

Description: Sets the private key that Artifactory will use to sign Debian and ipk packages
SecurityRequires a valid admin user
Usage: PUT /api/gpg/key/private 
Produces: text/plain
Since3.3
Sample Usage:

Code Block
PUT /api/gpg/key/private

Set GPG Pass Phrase

Description: Sets the pass phrase required signing Debian and ipk packages using the private key
SecurityRequires a valid admin user
Usage: PUT /api/gpg/key/passphrase
Headers: -H X-GPG-PASSPHRASE:passphrase 
Produces: text/plain
Since3.3
Sample Usage:

Code Block
PUT /api/gpg/key/passphrase

Create Token

Description: Creates an access token
Since: 5.0.0
Security: Requires a valid user
Usage
: POST /api/security/token
Content-Type: application/x-www-form-urlencoded 

Produces: application/json

Code Block
{
   "access_token":   "<the access token>",
   "expires_in":    <Validity period in seconds>,
   "scope":         "<access scope>",
   "token_type":    "Bearer",
   "refresh_token": "<the refresh token if access_token is refreshable>"
}

Sample Usage:

Code Block
curl -uadmin:password -XPOST "http://localhost:8081/artifactory/api/security/token" -d "username=johnq" -d "scope=member-of-groups:readers"
 
200
{
   "access_token":   "adsdgbtybbeeyh...",
   "expires_in":    3600,
   "scope":         "api:* member-of-groups:readers",
   "token_type":    "Bearer",
   "refresh_token": "fgsfgsdugh8dgu9s8gy9hsg..."
}

This endpoint takes the following parameters:

grant_type

[Optional, default: "client_credentials"]

The grant type used to authenticate the request. In this case, the only value supported is "client_credentials" which is also the default value if this parameter is not specified.

username

The user name for which this token is created. If the user does not exist, a transient user is created. Non-admin users can only create tokens for themselves so they must specify their own username.

If the user does not exist, the member-of-groups scope token must be provided (e.g. member-of-groups: g1, g2, g3...)

scope

[Optional if the user specified in username exists]

The scope to assign to the token provided as a space-separated list of scope tokens. Currently there are three possible scope tokens:

  • "api:*" - indicates that the token grants access to REST API calls. This is always granted by default whether specified in the call or not.
  • member-of-groups:[<group-name>] - indicates the groups that the token is associated with (e.g. member-of-groups: g1, g2, g3...). The token grants access according to the permission targets specified for the groups listed.
    Specify "*" for group-name to indicate that the token should provide the same access privileges that are given to the group of which the logged in user is a member.
    A non-admin user can only provide a scope that is a subset of the groups to which he belongs
  • "jfrt@<instance-id>:admin" - provides admin privileges on the specified Artifactory instance. This is only available for administrators.

If omitted and the username specified exists, the token is granted the scope of that user.

expires_in

[Optional, default: 3600]

The time in seconds for which the token will be valid. To specify a token that never expires, set to zero. Non-admin can only set a value that is equal to or less than the default 3600.

refreshable

[Optional, default: false]

If true, this token is refreshable and the refresh token can be used to replace it with a new token once it expires.

audience

[Optional, default: Only the service ID of the Artifactory instance that created the token]

A space-separate list of the other Artifactory instances or services that should accept this token identified by their Artifactory Service IDs as obtained from the Get Service ID endpoint.

In case you want the token to be accepted by all Artifactory instances you may use the following audience parameter "audience=jfrt@*".


Refresh Token

Description: Refresh an access token to extend its validity. If only the access token and the refresh token are provided (and no other parameters), this pair is used for authentication. If username or any other parameter is provided, then the request must be authenticated by a token that grants admin permissions.
Since: 5.0.0
Security: Requires a valid user (unless both access token and refresh token are provided)
Usage: POST /api/security/token

Content-Type: application/x-www-form-urlencoded

Produces: application/json (Please refer to Create Tokens)

Sample Usage: 

Code Block
curl -XPOST "http://localhost:8081/artifactory/api/security/token" -d "grant_type=refresh_token" -d "refresh_token=fgsg53t3g…" -d "access_token=gsfdgw35gt..."
 
200 (Success) As in Create Token
 
400 (Error) If the token was created by a different Artifactory instance (and hence cannot be refreshed)

This endpoint takes the following parameters:

grant_type

Should be set to refresh_token.

refresh_token
The refresh token of the access token that needs to be refreshed.
access_token

[Required if username is omitted]

The access token to refresh.

username

Please refer to Create Tokens.

Note: access_token and username are mutually exclusive, so only one of these parameters should be specified.

If access_token is provided, the new token is created with the same settings as that token.

 

scope
expires_in
refreshable
audience

Revoke Token

Description: Revoke an access token 
Since: 5.0.0
Security: Requires a valid user
Usage: POST /api/security/token/revoke
Content-Type: application/x-www-form-urlencoded

Produces: application/json 
Sample Usage:

Code Block
curl -uadmin:password -XPOST "http://localhost:8081/artifactory/api/security/token/revoke" -d "token=fasdt3..."
 
200 OK (Also returned if the token was already revoked or non-existent)
 
400 (Error) If the token was created by a different Artifactory instance (and hence cannot be revoked)

This endpoint takes the following parameters:

token

The token to be revoked


Get Service ID

Description: Provides the service ID of an Artifactory instance or cluster
Since: 5.0.0
Security: Requires an admin user
Usage: GET /api/system/service_id
Produces: text/plain
Sample Usage:

Code Block
curl -uadmin:password -XGET "http://localhost:8081/artifactory/api/system/service_id"
 
200
jfrt@ee27b1d1-534d-4723-80b5-5bd893d19c43

 

...