Skip to main content

Overview

The JFrog Artifactory integration allows Backline to connect to container images stored in your JFrog Artifactory Docker repositories. This integration supports both JFrog Cloud and self-hosted Artifactory instances.

What You Can Do

With the JFrog Artifactory integration, Backline can:
  • Import Docker images from Artifactory repositories
  • Collect image metadata and tags
  • Track images across repositories
  • Monitor your container inventory

Prerequisites

Before connecting JFrog Artifactory, ensure you have:
  • A JFrog Artifactory instance (Cloud or Self-hosted)
  • An Access Token, Identity Token, API Key, or password for authentication
  • (Optional) A JFrog username - only required for legacy API Keys or passwords
  • The repository key(s) for your Docker repositories

Required Permissions

Your JFrog user needs the following permissions:
  • READ permission on Docker repositories (for local/virtual repositories)
  • READ + DEPLOY/CACHE permission (only if using remote/proxy repositories)
Create a dedicated user in Artifactory for Backline with read-only permissions to maintain security. Most customers use local repositories for their own images, so READ permission is typically sufficient.

Authentication Options

JFrog Artifactory supports several authentication methods. Choose based on your token type: Modern JFrog tokens are self-authenticating - you only need the token, no username required.
1

Log in to JFrog

Access your JFrog Artifactory instance (Cloud or self-hosted).
2

Generate an Access Token

Navigate to Administration > Identity and Access > Access Tokens and click Generate Token.Configure the token:
  • Token Name: backline-integration (or any descriptive name)
  • Expiration: Choose an appropriate expiration or set to non-expiring for long-term use
  • Scope: Ensure the token has read access to your Docker repositories
3

Copy the Token

Copy the generated token immediately. You won’t be able to see it again.
Store the token securely. You’ll need it when configuring the integration in Backline.
4

Configure in Backline

When setting up the integration:
  • Username: Leave empty
  • Access Token / Password: Paste your token
This is the recommended approach for new integrations. Access Tokens are more secure and easier to manage than legacy API Keys.

Legacy API Keys or Passwords

If using a legacy API Key or your JFrog account password, you must provide your username.
1

Get Your Credentials

Note your JFrog username and either your API Key or account password.
2

Configure in Backline

When setting up the integration:
  • Username: Your JFrog username
  • Access Token / Password: Your API Key or password
Legacy API Keys are being deprecated by JFrog. Consider migrating to Access Tokens for better security and easier management.

Finding Your Repository Key

The repository key is the name of your Docker repository in Artifactory. To find it:
1

Navigate to Repositories

In JFrog Artifactory, go to Administration > Repositories > Repositories.
2

Identify Docker Repositories

Look for repositories of type Docker. The repository key is shown in the Repository Key column.Examples of repository keys:
  • docker-local
  • docker-prod
  • my-docker-images
3

Note Multiple Keys (Optional)

If you have multiple Docker repositories to connect, note all their keys. Backline supports configuring multiple repository keys in a single integration.
The repository key is different from the image name. For example, in the image URL mycompany.jfrog.io/docker-local/my-app:latest, the repository key is docker-local.

Connecting JFrog Artifactory

1

Go to Integration Hub

Navigate to Integrations from the main menu.
2

Select JFrog Artifactory

Find and click on the JFrog Artifactory integration card.
3

Enter Artifactory URL

Provide your Artifactory server URL:
  • JFrog Cloud: https://yourcompany.jfrog.io
  • Self-hosted: Any URL where your Artifactory is accessible, for example:
    • https://artifactory.yourcompany.com
    • http://artifactory.internal:8082
    • http://localhost:8082 (for local testing)
Both HTTP and HTTPS URLs are supported. HTTPS is recommended for production environments.
4

Enter Username (Optional)

If using a legacy API Key or password, enter your JFrog username.Leave this field empty if you’re using a modern Access Token or Identity Token - these tokens are self-authenticating.
5

Enter Access Token / Password

Paste the access token, identity token, API key, or password you’ll use for authentication.
6

Enter Repository Keys

Enter one or more Docker repository keys.
  • For a single repository: docker-local
  • For multiple repositories: docker-local, docker-prod, docker-dev
You can separate multiple keys with commas or semicolons.
7

Test Connection

Click Test Connection to verify:
  • Credentials are valid
  • All specified repositories are accessible
If any repository is inaccessible, the error message will indicate which repositories failed.
8

Save

Click Save to complete the integration.

After Connection

Once JFrog Artifactory is connected, Backline will:
  1. Validate access to all configured repositories
  2. Discover and import container images
  3. Display images in your Backline inventory

Image Discovery

Backline collects:
  • All tagged images in connected Docker repositories
  • Image metadata and tags
  • Repository information
Initial image discovery may take time depending on the number of images. Backline performs incremental updates for efficiency.

URL and Image Format

JFrog Cloud

Registry URL: yourcompany.jfrog.io
Image format: yourcompany.jfrog.io/<repository-key>/<image-name>:<tag>
Example: mycompany.jfrog.io/docker-local/my-app:1.0.0

Self-Hosted

Registry URL: <your-artifactory-host>:<port>
Image format: <your-artifactory-host>:<port>/<repository-key>/<image-name>:<tag>
Examples:
  artifactory.internal.com/docker-prod/backend-service:latest
  localhost:8082/docker-local/my-app:1.0.0

Managing the Integration

Updating Configuration

To update the integration settings:
  1. Open the Integration Hub
  2. Click on the JFrog Artifactory integration
  3. Update the URL, credentials, or repository keys as needed
  4. Click Test Connection to verify changes
  5. Click Save

Adding More Repositories

To add additional Docker repositories:
  1. Open the JFrog Artifactory integration settings
  2. Add new repository keys to the existing list (comma or semicolon separated)
  3. Test the connection to verify access to all repositories
  4. Save the changes

Disconnecting

To remove the JFrog Artifactory integration:
  1. Go to the Integration Hub
  2. Click on the JFrog Artifactory integration
  3. Select Disconnect
  4. Confirm your decision
Disconnecting will stop container image collection. Existing image data will remain but won’t be updated.

Troubleshooting

Authentication Failed

If you see “authentication failed: invalid credentials or insufficient permissions”:
  • If using username + token: Verify the username matches the account that owns the token
  • Check that the access token hasn’t expired
  • Ensure the user/token has READ permission on the specified repositories

Authentication Failed with Access Token (No Username)

If authentication fails when using an Access Token without a username:
  • Verify your token is a modern Access Token or Identity Token (not a legacy API Key)
  • Try adding your username - some tokens may require it depending on how they were created
  • Check that the token has not expired
  • Ensure the token has READ permission on the Docker repositories

Repository Not Found

If you see “repository access failed for: [repository-key]”:
  • Verify the repository key is spelled correctly
  • Check that the repository exists in your Artifactory instance
  • Ensure the repository is of type Docker

Connection Timeout

If the connection times out:
  • For self-hosted instances, verify the URL is reachable from the internet
  • Check firewall rules allow incoming connections
  • Verify the Artifactory service is running

Self-Hosted SSL Issues

If you experience SSL certificate errors with self-hosted instances:
  • Ensure your SSL certificate is valid and not expired
  • For internal CAs, you may need to use HTTP (not recommended for production)