JFrog’s Access Tokens are standard JSON Web Tokens (JWTs). Because the tokens are standard JWTs, they can be quite long - since they contain the token’s properties (scope, subject and others), as well as additional information used to validate the token. The length of the token can create compatibility issues with various clients trying to authenticate with the JFrog platform. Moreover, some clients might not even support bearer token authentication (Authorization: Bearer <token>).To mitigate these length limitations, JFrog introduced the Reference Token.
A Reference Token is simply a short string of characters that refers to an actual token.To obtain a Reference Token, users can request the token using the create-token request API, by setting the include_reference_token
parameter to true. They can also use the JFrog Platform WebUI Profile page to generate this token.