Security Configuration Descriptor

JFrog Installation & Setup Documentation

Content Type
Installation & Setup

Security Configuration Descriptor contains Artifactory security configuration information.


Direct modification of the security descriptor is an advanced feature, and if done incorrectly may render Artifactory in an undefined and unusable state. We strongly recommend backing up the configuration before making any direct changes, and taking great care when doing so.

Bootstrapping the Security Configuration

Artifactory stores all security information as part of its internal storage.You can bootstrap Artifactory with a predefined security configuration by creating a $JFROG_HOME/artifactory/var/etc/artifactory/security.import.xml file containing the Artifactory exported security configuration information.

If Artifactory detects this file at startup, it uses the information in the file to override all security settings. This is useful if you want to copy the security configuration to another instance of Artifactory.

Modifying Security Using the REST API

Modifying the Security Configuration Descriptor Using the REST API has been deprecated.