The interaction between Artifactory and Access is partly enabled (up until version 6.8) through a reliance on basic authentication and an administrative Access user called access-admin. Upon startup, this Access user establishes connectivity with the Access service by providing Artifactory with a special (JWT) Access token, which is thereafter used in every subsequent request as the authentication token.
With this said, JFrog has made security improvements to its products, which include completely dispensing with access-admin in Access/Artifactory interactions. As from Artifactory version 6.8 and above, a new security mechanism is involved, which uses an AES128 symmetric key encrypted-initial temporary token for Artifactory <-> Access validation.