Add a JFrog CLI server configuration

Use jf config add to register a JFrog Platform connection in the CLI so that subsequent commands can authenticate. You can add a server through interactive prompts or by passing flags for automation and CI/CD. This topic summarizes command syntax and walks through the most common ways to add a configuration.

This topic covers:

• Add a server interactively
• Add a server non-interactively with an access token
• Add a server non-interactively with a username and password
• Add a server non-interactively with credentials from stdin

Synopsis

jf config add <server-id>

Aliases: none

Where:

• <server-id>: Optional unique ID for this server configuration. If you omit this argument, the CLI uses the ID Default-Server (run jf config add with no server ID, then add any flags you need). See the Options table for non-interactive flags such as --url and --access-token.

Arguments

Options

Examples

Interactive Add

The CLI walks you through URL and authentication choices. No flags are required unless you want to name the server explicitly.

To add a server interactively:

1. Run one of the following. Replace <server-id> with your chosen ID, or omit the argument to use the default ID Default-Server.

   Bash

   jf config add <server-id>

   Where:

   • <server-id>: Optional unique ID for this server. Omit jf config add's first argument entirely if you want Default-Server.

   For example:

   Bash

   jf config add my-server

   Or:

   Bash

   jf config add

2. Complete the prompts. The CLI asks for:

   • JFrog Platform URL
   • Authentication method (access token, username/password, or SSO)
   • The selected credentials
   • Whether to allow insecure TLS (self-signed certificates)

On success, the configuration is saved. Verify with jf config show <server-id> if needed.

Non-Interactive Add with Access Token

To add a server non-interactively with an access token:

1. Run the following command with your platform URL and token. Use --interactive=false so the CLI does not prompt.

   Bash

   jf config add <server-id> --url=<your-server-url> --access-token=<Token> --interactive=false

   Where:

   • <server-id>: Unique ID for this server configuration.
   • <your-server-url>: Base URL of your JFrog Platform (for example, https://acme.jfrog.io/).
   • <Token>: Your JFrog access token. Do not paste real tokens into shared logs or documentation.

   For example:

   Bash

   jf config add prod-server --url=https://acme.jfrog.io/ --access-token=<Token> --interactive=false

On success, the command exits 0 with no output. Verify with: jf config show <server-id>

📘

Note

If your access token is a reference token (not a JWT), the CLI will print a warning that it cannot extract the token payload. The configuration is still saved. If you use package managers that require basic authentication (for example, npm or Maven), also supply --user=<username> alongside the token.

Non-Interactive Add with Username and Password

To add a server non-interactively with a username and password:

1. Run the following command:

   Bash

   jf config add <server-id> --url=<your-server-url> --user=<username> --password=<password> --interactive=false

   Where:

   • <server-id>: Unique ID for this server configuration.
   • <your-server-url>: Base URL of your JFrog Platform.
   • <username>: JFrog username.
   • <password>: Password or API key.

   For example:

   Bash

   jf config add prod-server --url=https://acme.jfrog.io/ --user=build-bot --password=<password> --interactive=false

On success, the command exits 0 with no output. Verify with: jf config show <server-id>

Non-Interactive Add via stdin (CI/CD recommended)

For CI/CD pipelines, pipe credentials via stdin to avoid exposing them in process listings.

To add a server non-interactively using a token from stdin:

1. Pipe the token into the CLI:

   Bash

   echo "$MY_TOKEN" | jf config add <server-id> --url=<your-server-url> --access-token-stdin --interactive=false

   Where:

   • <server-id>: Unique ID for this server configuration.
   • <your-server-url>: Base URL of your JFrog Platform.
   • $MY_TOKEN: Environment variable or secret holding the access token (not shown in the command line).

   For example:

   Bash

   echo "$MY_TOKEN" | jf config add ci-server --url=https://acme.jfrog.io/ --access-token-stdin --interactive=false

Important Notes

• Server ID restrictions: The server ID cannot be delete, use, show, or clear — these are reserved words. Use descriptive names like my-server, prod-artifactory, or ci-server.
• --url is required for non-interactive use: When --interactive=false, you must provide --url. Omitting it will silently create an incomplete configuration that exits 0 but cannot be used for any operations.
• New server becomes the default: Adding a server automatically sets it as the new default, replacing any previously configured default. To restore your previous default after adding a new server, run jf config use <previous-server-id>.
• Encryption: If JFROG_CLI_ENCRYPTION_KEY is set when you add a configuration, the credentials are encrypted. You must set the same key in every session that uses this configuration. If you lose the key, remove the config and re-add it.
• Token refresh: By default, the CLI exchanges username/password for an access token and refreshes it automatically. Use --basic-auth-only to disable this behavior if needed for external tool compatibility. Use --disable-token-refresh to prevent automatic token refresh.
• Overwriting: If a server with the same ID already exists, the command fails unless you pass --overwrite.
• Password from stdin: For CI/CD security, use --password-stdin or --access-token-stdin to pipe credentials instead of passing them as command-line arguments (which may appear in process listings).
• Configuration storage: Configuration is stored in $JFROG_HOME (default: ~/.jfrog/jfrog-cli.conf.v6). Set the JFROG_HOME environment variable to use a custom location.