Skip to main content

Artifactory Basic Auth Credentials

Description

General

  • Documentation: https://www.jfrog.com/confluence/display/JFROG/Artifactory+REST+API

  • Summary: Artifactory is a binary package manager designed to simplify and automate builds and pipelines. Credentials are used to authenticate API requests in Artifactory using a username and password combination. These credentials are sensitive as they grant access to Artifactory resources, such as repositories, builds, and artifacts.

  • IPs allowlist: As of the time of writing this documentation, IP allowlisting is not supported.

  • Scopes: Credentials inherit the permissions of the user they are associated with. Permissions can be managed at the user or group level through the Artifactory dashboard.

Revoke the secret

Credentials can be revoked by changing the user's password in the Artifactory dashboard. Navigate to the User Profile section, update the password, and ensure that any active sessions are logged out.

Check for suspicious activity

All access logs are stored and accessible through the administration module under Artifactory > System Logs. These logs can be reviewed to monitor credential usage and detect suspicious activity.

Details for Artifactory basic auth credentials

  • Family: credentials

  • Category: package_registry

  • Company: JFrog

  • High recall: True

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 3

  • Occurrences found for one million commits: 0.2

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - jfrog
    - artifactory

Examples

- text: |
    https://something:AKCp5e2gBFkTopyhnNQsESaVAfdax9urC7VhQQpfsFZAJVDwX81enzgGXGGCYp1111111111@ggsecret.jfrog.io/artifactory/
  host: ggsecret.jfrog.io
  username: something
  password: AKCp5e2gBFkTopyhnNQsESaVAfdax9urC7VhQQpfsFZAJVDwX81enzgGXGGCYp1111111111

Details for Artifactory base64 basic auth credentials

  • Family: credentials

  • Category: package_registry

  • Company: JFrog

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.25

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - _auth
- type: ContentWhitelistPreValidator
  patterns:
    - jfrog
    - artifactory

Examples

- text: |
    +//google.com/artifactory/api/:_auth="YzUyNTQxMTE6QUtDcDhqUkdldGVuVXh0WnBiNnQ4VjVMV3JENnVIVlRHZzVCNFREdDhGdTQzRzNIdnJQZVdHUlNnQlJHYnMzS1o3Z3BoZ0JCQg=="
  host: google.com
  connection_string: YzUyNTQxMTE6QUtDcDhqUkdldGVuVXh0WnBiNnQ4VjVMV3JENnVIVlRHZzVCNFREdDhGdTQzRzNIdnJQZVdHUlNnQlJHYnMzS1o3Z3BoZ0JCQg
Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status