Skip to content

JFrog Reference Access Token

Service Name: JFrog Artifactory

Service Description: JFrog Artifactory is a universal repository manager that supports all major packaging formats, build tools, and CI/CD servers. It provides secure, private, local repositories, proxies for remote resources, and virtual repositories that combine both.

Service Address: https://jfrog.com/artifactory/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants access to JFrog Artifactory resources based on the permissions assigned to the token. Can be used to access repositories, builds, and other Artifactory resources.

Secret Revokement URL: https://jfrog.com/help/r/jfrog-platform-administration-documentation/access-tokens

Secret Example: cmVmdGtuX2FiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MTIzNDU2Nzg5MGFiY2RlZmdoaWprbG1ub3A=

Suspicious Activity Investigation Instructions:

  • Check JFrog Artifactory audit logs for unusual download or upload activities
  • Review access patterns for unusual IP addresses or times
  • Check for unauthorized repository creation or modification
  • Monitor for excessive downloads that could indicate data exfiltration
  • Review user permission changes associated with the token

Mitigation Instructions:

  • Log in to your JFrog Artifactory instance
  • Navigate to the Administration section
  • Select "Security" and then "Access Tokens"
  • Locate the compromised token and click "Revoke"
  • Create a new token with appropriate permissions if needed
  • Review and update access control policies
  • Consider implementing IP restrictions for token usage