JFrog Artifactory API Key
Service Name: JFrog Artifactory
Service Description: JFrog Artifactory is a universal binary repository manager that supports all major packaging formats, build tools, and CI/CD servers. It enables organizations to manage their software artifacts, dependencies, and binaries in a centralized location.
Service Address: https://jfrog.com/artifactory/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the instance level through Access Control settings in the Artifactory administration panel.
Secret Access Scope: Grants programmatic access to Artifactory repositories, allowing users to upload, download, and manage artifacts based on the permissions associated with the API key.
Secret Revokement URL: https://jfrog.com/help/r/jfrog-platform-administration-documentation/api-key
Secret Example: AKCp8hyBx99uG4aEsz78sndsTUwUF6UZRKfxJsCnmMVpuXjKvs2ww1C8ESgAV9KQFAuH2tMHm
Suspicious Activity Investigation Instructions:
- Review Artifactory audit logs for unusual repository access or artifact operations
- Check for unexpected artifact uploads, downloads, or deletions
- Monitor for unauthorized repository creation or permission changes
- Examine access patterns for unusual IP addresses or times of access
- Verify if the API key was used from unexpected geographic locations
Mitigation Instructions:
- Log in to your JFrog Artifactory instance as an admin
- Navigate to Administration → Security → API Keys
- Locate the compromised API key and click "Revoke"
- Create a new API key if needed
- Review and adjust permissions for the user associated with the compromised
key
- Consider implementing IP restrictions for API access
- Enable two-factor authentication for user accounts with API key generation
privileges
- Update any CI/CD pipelines or automation scripts that were using the revoked
key