Access Federation

Access Federation gives you control over access to all, or any subset of your services from one location by synchronizing all security entities (users, groups, permissions, and access tokens) between the federated services. Once Access Federation has been set up, you can manage all security entities in the federated services from one place.

Access Federation supports setting up the security entities you want to synchronize across different federated services, and provides quick and easy configuration to set up a Full Mesh or Star topology. The synchronization process is moderated by a variety of different parameters whose default values have been set to satisfy most installations.

Before you proceed to the next step of configuring your Access Federation topologies, make sure to configure the Base URL on the Artifactory side and ensure that you have admin permissions.

Set Up an Access Federation

The following steps are involved in setting up Access Federation:

Reviving a Stale Service

A stale service is one that has been registered as a synchronization target, however, it has not responded to any attempt to synchronize data for a period of time greater than that defined in the consider-stale-hours parameter with which the source Access service was configured. Once a target service is deemed to be stale, the source service will not make any further attempts to synchronize data to it. To "revive" a stale service and resume synchronizing data you need to manually apply the Federation REST API endpoint described in Synchronize Data in Access Federation on the source service.

You can revive a stale service manually or, starting from Artifactory 7.77, configure the system to automatically revive a stale service. For more information, see Revive a Stale Service.

Conflict Resolution in Access Federation

Starting from Artifactory 7.77.x, Access Federation has implemented advanced conflict resolution methodology.

For more information, see Conflict Resolution in Access Federation.