Artifactory system properties to handle Access Token expirations

Muhammed Kashif
2020-02-11 09:44

Access tokens are a flexible way of Authentication. An Access Token contains the security credentials for a login session and identifies the user, the user's groups, the user's privileges. 

Below are the system properties that can be used for handling the access tokens expirations:

#Default = 3600 seconds (1 hour)

artifactory.access.token.non.admin.max.expires.in=<seconds>
#Default = 3600 seconds (1 hour)
artifactory.access.token.expiresIn.default=<seconds>

 

When artifactory.access.token.non.admin.max.expires.in=<seconds> is configured in the artifactory.system.properties file, any non-admin user will not be able to create an access token more than the value set in the parameter. However, a user with admin privileges can override this value and set any expiry value for an access token.
When artifactory.access.token.expiresIn.default=<seconds> is configured in the artifactory.system.properties file, this property will set the default expiry value for any access token created either by the non-admin user or by the admin user. When externally “expires_in=<seconds>” option is passed while creating the access token, this will override the default value set by artifactory.access.token.expiresIn.default=<seconds>

 

 

Note: If <userTokenMaxExpiresInMinutes>60</userTokenMaxExpiresInMinutes> is available in $ARTIFACTORY_HOME/etc/artifactory.config.latest.xml, the above system properties will not take effect. To work with the above system properties, delete the <userTokenMaxExpiresInMinutes>60</userTokenMaxExpiresInMinutes> from the $ARTIFACTORY_HOME/etc/artifactory.config.latest.xml and change the artifactory.config.latest.xml to

$ARTIFACTORY_HOME/etc/artifactory.config.import.xml and restart Artifactory.