Overview

From version 5.0, Artifactory offers access tokens as a new and flexible means of authentication with a range of capabilities previously unavailable:

  • Cross-instance authentication
    Access tokens can be used for authentication, not only by the Artifactory instance or cluster where they were created, but also for other instances and clusters that are all part of the same "circle of trust".
     
  • User and non-user authentication
    The case for authenticating Artifactory users is clear, however access tokens can also be assigned to non-user entities such as CI server jobs.

  • Time-based access control 
    Access tokens have an expiry period so you can control the period of time for which you grant access. However, you may also delegate that control to the receiving user by making them refreshable

  • Flexible scope 
    By assigning Groups to tokens, you can control the level of access they provide.

For more information, including full details on how to use Access Tokens, visit the Access Tokens page in the JFrog Access User Guide