Reputation: 81
How to generate the API key or token for a service account?
Being a beginner for JFROG Artifactory, I have clarification on a specific use case. Checking if I can get any solutions or directions before hitting the vendor support.
I am using the Artifactory pro v.7.31.10. Is it possible to generate the API Key or Access token by a non-admin individual using JFROG APIs for a service account instead of a human ID at Artifactory?
How can I generate an API key or an access token using Postman? Do I need to pass any parameters (such as for which user) other than having basic authentication at Postman? I couldn't find from the samples in the knowledge documentation.
For the Artifactory HA application which has SAML authentication enabled, I want to restrict users to download artifacts via their scripts using their service account (generic ids), which should be a local account at Artifactory. I am checking for the possibility of obtaining the API key or Access token as an individual developer for their service account at runtime rather than the admin generate a key or token for them.
I have seen samples for admin creates the access token which can be used as a bearer token in curl. Is it possible to achieve the same by a non-admin? Trying to remove the dependency over here.
Upvotes: 4
Views: 19848
Answers (2)
Reputation: 81
Based on my experience, the access token created via UI will not work in DR mode when app is running at a different data center than where it was created, though the circle of trust is enabled for access federation. This seems to be a bug which will be fixed in 7.37, per support.
The only other option to make it work is by calling the api using curl or Postman as admin. Non-admins cannot create an access token for others. However, I couldn't create the access token for myself as an non-admin. This seems to be an issue. While SAML is enabled, I tried to create the access token via browser and couldn't able to proceed. Was getting issue while trying to create via Postman.
At the end, only admin was able to create.
Upvotes: 0
Reputation: 1511
You can use the below REST APIs to generate the API key and the access token,
Note, an admin can create access tokens for any user and a user who is not an admin can only create api keys and access tokens for himself.
Again, non-admin users cannot create api keys and tokens for other users but for himself.
Upvotes: 6
Related Questions
- Artifactory: upload with api key (not password)
- Using Artifactory Java client with API Key?
- How do I create an Access Token from Service Account Credentials using REST API?
- Generate token for Artifactory user
- How do I create a Service Account in Kubernetes and associate a Token to the new Service Account
- How do I generate short lived service account access tokens in Keycloak
- How do I create an Access Token from Service Account Credentials using REST API using JAVA?
- How to create API Keys in GCP using service accont
- Service account key creation in GCP using rest API
- Working of API keys in artifactory