How to generate an access token? [Video]

Ohad Levy
2021-02-04 09:21

In this video we will go through the methods of generating an Artifactory access token. We will generate a token via both UI and Rest API methods. Next we will use the token to resolve an item from Artifactory


Video Transcription

Hello everyone. My name is Ohad and I’m from JFrog Support. Today I’m going to show you a quick video on how to generate access tokens. So once you’re logged into Artifactory, you can go to the administration tab, you press right here. Then we’re going to choose the identity and access. Then access tokens. Via the UI, we only have the option to generate admin tokens. So this will create an admin token with the admin permission levels. So once you press generate admin token, you will be shown this window. And here we have the option to choose never expired or set token expiry. I’m going to choose a token that never expires for this example. I’m going to press generate, and this is the token value. Please note that once you close this window, you will never be able to see this token value.

So make sure you save it. I’m going to copy to clipboard and then close. And you can see the token right here. Next we’re going to generate the token, will be at the rest API. So this is the command curl, the username, the password, it’s a post request. The end point is API security token. And here, the username is the name for the token. Variable is admin. Next, we will see its test. As I said, via the UI only have the option to create admin token level. Via the rest, you can choose to give a scope of a group in Artifactory. So in my Artifactory, I have a group called readers and it’s permission level is only to read files from Artifactory. So for example, I won’t be able when using this token to deploy any password to Artifactory. Next, I set the expiry to zero, as we did in the UI. I’m going to press enter. And this is my token. I’m going to copy it.

Save it. And next we’re going to try and resolve the file from Artifactory without any credentials. It’s going to fail. And then we’re going to use the same comment with the token and see that we’re able to fetch the file. So this is the command I already deployed the file name, text test to a generic repository called generic local. And if I try to fetch it, I see that authentic action is required. So, here I’m going to set an environment variable called token, and I’m going to input the token about here. And next, I’m going to use this command, which has the token applied in it. So it’s curl minus age, authorization, bearer, token And the same endpoint as before, generate local text test. You want to press enter. And we can see the content of this file. Thank you for watching. Let me know if you have any questions, leave any comments you have. Have a great day.