Add a New OAuth Provider

JFrog Platform Administration Documentation
Content Type
Administration / Platform
ft:sourceType
Paligo

The list of providers defined in Artifactory is displayed in the Providers section.

ouath providers.png

To add a new provider, click New. The JFrog Platform displays a dialog letting you enter the provider details. These may vary slightly depending on the provider you are configuring.

PKCE enabled.png

The following table describes the settings required by each supported provider, and the corresponding values you should use (where available):

Required Setting

Description

GitHub.com

GitHub Enterprise

Google

Cloud Foundry UAA

OpenID

Enabled

If selected, this OAuth provider is enabled and will appear in the login dialog.

PKCE Enabled

If selected, this OAuth provider will use an authorization code flow with PKCE.

X

X

Provider Name

A logical name for this provider. For example, "Google OAuth", "GitHub OAuth".

This must be unique within JFrog Platform.

Provider Type

The provider type. Currently GitHub, Git Enterprise, Google, OpenID, and Cloud Foundry are supported.

Client ID

The identity with which you identify your organization to the provider.

This is provided by the OAuth provider when you set up your account with them.

Secret

The secret allocated to your organization by the provider.

This is provided by the OAuth provider when you set up your account with them.

Domain

Specifies a domain filter which defines from which domains users may be authenticated.

Normally, this will be your domain name. For example jfrog.com

X

X

X

X

Docker Login

Support for Docker login

X

X

X

X

npm Login

Support for npm login

X

X

X

X

Basic URL

The base URL of the Git server which should be used for authentication.

https://github.com/

<Server Base URL>

X

X

X

Auth URL

The URL through which the provider redirects you to the authentication page.

https://github.com/login/oauth/authorize

Note: GitHub.com Accounts

Any GitHub.com account that has access

to the Artifactory URL will be allowed to login, including accounts that are outside your GitHub.comorganization scope.

<Server Base URL>/login/oauth/authorize

https://accounts.google.com /o/oauth2/auth

<Server Base URL>/oauth/authorize

API URL

The URL through which Artifactory can get extra information that it not directly available via OAuth.

https://api.github.com/user

<Server Base URL>/api/v3/user

https://www.googleapis.com /oauth2/v1/userinfo

<Server Base URL>/userinfo

Token URL

The URL that Artifactory will go to to get a token to use the API.

https://github.com/login /oauth/access_token

<Server Base URL>/login/oauth/ access_token

https://www.googleapis.com /oauth2/v3/token

<Server Base URL>/oauth/token