Reference Token Benefits

JFrog Platform Administration Documentation

Content Type
Administration / Platform
ft:sourceType
Paligo

Reference Tokens have the following advantages:

  • Reference Tokens are not retrievable - Reference Tokens are stored as hashed, so they are not retrievable from the UI, REST API, or database, making them less likely to be compromised. 

  • Reference Tokens can have a default expiry - the Artifactory administrator can set a default expiry for Reference Tokens. They can also control the default expiry time and decide whether a token will be refreshable or not.

  • A user can have multiple Reference Tokens - unlike API Keys, a user can create numerous Reference Tokens.

  • Reference tokens information can be viewed and the token can be revoked via the JFrog Platform UI - both for the user and the administrators.

  • Reference Tokens can be used in multiple ways - Reference Tokens can be used similarly to API Keys, with the “X-JFrog-Art-Api” Header, but also as Basic credentials with “curl -u User1:<reference token>” or as bearer tokens “curl -H Authorization: Bearer <token>”.

  • Reference Tokens are short (64 characters) - unlike Identity Tokens, Reference Tokens can be used with clients that do not support long tokens or passwords.