> ## Documentation Index
> Fetch the complete documentation index at: https://docs.backline.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# JFrog Artifactory Integration

> Connect container images from JFrog Artifactory registries

## Overview

The JFrog Artifactory integration allows Backline to connect to container images stored in your JFrog Artifactory Docker repositories. This integration supports both JFrog Cloud and self-hosted Artifactory instances.

## What You Can Do

With the JFrog Artifactory integration, Backline can:

* Import Docker images from Artifactory repositories
* Collect image metadata and tags
* Track images across repositories
* Monitor your container inventory

## Prerequisites

Before connecting JFrog Artifactory, ensure you have:

* A JFrog Artifactory instance (Cloud or Self-hosted)
* An Access Token, Identity Token, API Key, or password for authentication
* (Optional) A JFrog username - only required for legacy API Keys or passwords
* The repository key(s) for your Docker repositories

### Required Permissions

Your JFrog user needs the following permissions:

* **READ** permission on Docker repositories (for local/virtual repositories)
* **READ + DEPLOY/CACHE** permission (only if using remote/proxy repositories)

<Tip>
  Create a dedicated user in Artifactory for Backline with read-only permissions to maintain security. Most customers use local repositories for their own images, so READ permission is typically sufficient.
</Tip>

## Authentication Options

JFrog Artifactory supports several authentication methods. Choose based on your token type:

### Modern Access Tokens / Identity Tokens (Recommended)

Modern JFrog tokens are **self-authenticating** - you only need the token, no username required.

<Steps>
  <Step title="Log in to JFrog">
    Access your JFrog Artifactory instance (Cloud or self-hosted).
  </Step>

  <Step title="Generate an Access Token">
    Navigate to **Administration > Identity and Access > Access Tokens** and click **Generate Token**.

    Configure the token:

    * **Token Name**: `backline-integration` (or any descriptive name)
    * **Expiration**: Choose an appropriate expiration or set to non-expiring for long-term use
    * **Scope**: Ensure the token has read access to your Docker repositories
  </Step>

  <Step title="Copy the Token">
    Copy the generated token immediately. You won't be able to see it again.

    <Warning>
      Store the token securely. You'll need it when configuring the integration in Backline.
    </Warning>
  </Step>

  <Step title="Configure in Backline">
    When setting up the integration:

    * **Username**: Leave empty
    * **Access Token / Password**: Paste your token
  </Step>
</Steps>

<Tip>
  This is the recommended approach for new integrations. Access Tokens are more secure and easier to manage than legacy API Keys.
</Tip>

### Legacy API Keys or Passwords

If using a legacy API Key or your JFrog account password, you must provide your username.

<Steps>
  <Step title="Get Your Credentials">
    Note your JFrog username and either your API Key or account password.
  </Step>

  <Step title="Configure in Backline">
    When setting up the integration:

    * **Username**: Your JFrog username
    * **Access Token / Password**: Your API Key or password
  </Step>
</Steps>

<Note>
  Legacy API Keys are being deprecated by JFrog. Consider migrating to Access Tokens for better security and easier management.
</Note>

## Finding Your Repository Key

The repository key is the name of your Docker repository in Artifactory. To find it:

<Steps>
  <Step title="Navigate to Repositories">
    In JFrog Artifactory, go to **Administration > Repositories > Repositories**.
  </Step>

  <Step title="Identify Docker Repositories">
    Look for repositories of type **Docker**. The repository key is shown in the **Repository Key** column.

    Examples of repository keys:

    * `docker-local`
    * `docker-prod`
    * `my-docker-images`
  </Step>

  <Step title="Note Multiple Keys (Optional)">
    If you have multiple Docker repositories to connect, note all their keys. Backline supports configuring multiple repository keys in a single integration.
  </Step>
</Steps>

<Note>
  The repository key is different from the image name. For example, in the image URL `mycompany.jfrog.io/docker-local/my-app:latest`, the repository key is `docker-local`.
</Note>

## Connecting JFrog Artifactory

<Steps>
  <Step title="Go to Integration Hub">
    Navigate to **Integrations** from the main menu.
  </Step>

  <Step title="Select JFrog Artifactory">
    Find and click on the **JFrog Artifactory** integration card.
  </Step>

  <Step title="Enter Artifactory URL">
    Provide your Artifactory server URL:

    * **JFrog Cloud**: `https://yourcompany.jfrog.io`
    * **Self-hosted**: Any URL where your Artifactory is accessible, for example:
      * `https://artifactory.yourcompany.com`
      * `http://artifactory.internal:8082`
      * `http://localhost:8082` (for local testing)

    <Tip>
      Both HTTP and HTTPS URLs are supported. HTTPS is recommended for production environments.
    </Tip>
  </Step>

  <Step title="Enter Username (Optional)">
    If using a legacy API Key or password, enter your JFrog username.

    **Leave this field empty** if you're using a modern Access Token or Identity Token - these tokens are self-authenticating.
  </Step>

  <Step title="Enter Access Token / Password">
    Paste the access token, identity token, API key, or password you'll use for authentication.
  </Step>

  <Step title="Enter Repository Keys">
    Enter one or more Docker repository keys.

    * For a single repository: `docker-local`
    * For multiple repositories: `docker-local, docker-prod, docker-dev`

    You can separate multiple keys with commas or semicolons.
  </Step>

  <Step title="Test Connection">
    Click **Test Connection** to verify:

    * Credentials are valid
    * All specified repositories are accessible

    If any repository is inaccessible, the error message will indicate which repositories failed.
  </Step>

  <Step title="Save">
    Click **Save** to complete the integration.
  </Step>
</Steps>

## After Connection

Once JFrog Artifactory is connected, Backline will:

1. Validate access to all configured repositories
2. Discover and import container images
3. Display images in your Backline inventory

## Image Discovery

Backline collects:

* All tagged images in connected Docker repositories
* Image metadata and tags
* Repository information

<Note>
  Initial image discovery may take time depending on the number of images. Backline performs incremental updates for efficiency.
</Note>

## URL and Image Format

### JFrog Cloud

```
Registry URL: yourcompany.jfrog.io
Image format: yourcompany.jfrog.io/<repository-key>/<image-name>:<tag>
Example: mycompany.jfrog.io/docker-local/my-app:1.0.0
```

### Self-Hosted

```
Registry URL: <your-artifactory-host>:<port>
Image format: <your-artifactory-host>:<port>/<repository-key>/<image-name>:<tag>
Examples:
  artifactory.internal.com/docker-prod/backend-service:latest
  localhost:8082/docker-local/my-app:1.0.0
```

## Managing the Integration

### Updating Configuration

To update the integration settings:

1. Open the **Integration Hub**
2. Click on the **JFrog Artifactory** integration
3. Update the URL, credentials, or repository keys as needed
4. Click **Test Connection** to verify changes
5. Click **Save**

### Adding More Repositories

To add additional Docker repositories:

1. Open the JFrog Artifactory integration settings
2. Add new repository keys to the existing list (comma or semicolon separated)
3. Test the connection to verify access to all repositories
4. Save the changes

### Disconnecting

To remove the JFrog Artifactory integration:

1. Go to the **Integration Hub**
2. Click on the **JFrog Artifactory** integration
3. Select **Disconnect**
4. Confirm your decision

<Warning>
  Disconnecting will stop container image collection. Existing image data will remain but won't be updated.
</Warning>

## Troubleshooting

### Authentication Failed

If you see "authentication failed: invalid credentials or insufficient permissions":

* If using username + token: Verify the username matches the account that owns the token
* Check that the access token hasn't expired
* Ensure the user/token has READ permission on the specified repositories

### Authentication Failed with Access Token (No Username)

If authentication fails when using an Access Token without a username:

* Verify your token is a modern **Access Token** or **Identity Token** (not a legacy API Key)
* Try adding your username - some tokens may require it depending on how they were created
* Check that the token has not expired
* Ensure the token has READ permission on the Docker repositories

### Repository Not Found

If you see "repository access failed for: \[repository-key]":

* Verify the repository key is spelled correctly
* Check that the repository exists in your Artifactory instance
* Ensure the repository is of type **Docker**

### Connection Timeout

If the connection times out:

* For self-hosted instances, verify the URL is reachable from the internet
* Check firewall rules allow incoming connections
* Verify the Artifactory service is running

### Self-Hosted SSL Issues

If you experience SSL certificate errors with self-hosted instances:

* Ensure your SSL certificate is valid and not expired
* For internal CAs, you may need to use HTTP (not recommended for production)