Much like the old API keys, you can create an Identity token by going to the User Profile page:
1] Go to the Edit Profile menu in the top right corner of the Web UI
2] Select the "Generate an Identity Token" button
3] You now have a one-time chance to copy the token text
You can use this token to access the application in place of a password, just like an API key:
curl -u froggy:cm[...] http://localhost:8081/artifactory/api/system/ping
You may also use this token to generate Access Tokens. The Identity Token is key here, you have to use the Identity Token in an "Authorization: Bearer" header for security reasons:
curl -H "Authorization: Bearer cm[...]" -d "scope=applied-permissions/user" -XPOST -v http://localhost:8081/access/api/v1/tokens
{
"token_id" : "bbf4fc27-be5f-40d2-9b19-9181ea21900b",
"access_token" : "ey[...]",
"expires_in" : 31536000,
"scope" : "applied-permissions/user",
"token_type" : "Bearer"
} Artifactory Administrators may generate tokens for other users, or create transient users, but they too are limited to using Identity or Admin Tokens to do so:
curl -H "Authorization: Bearer cm[... Admin ID Token ...]" -X POST -d "username=froggy-pipeline" -d "scope=applied-permissions/groups:readers"
http://localhost:8082/access/api/v1/tokens
{
"token_id" : "58f781d5-f59d-4f7c-972c-d78e4018c4ec",
"access_token" : "eyJ[...]bA",
"scope" : "applied-permissions/groups:readers",
"token_type" : "Bearer"
}