Use API Endpoints via CLI
Use the jf api command to invoke any JFrog Platform HTTP API directly from the JFrog CLI using your configured server URL and credentials.
The CLI automatically uses the configured hostname and authentication from jf config, or you can override them with --url, --access-token, or --server-id.
Use jf api with all JFrog Platform APIs, including:
- Platform Administration
- Binary Management (Artifactory)
- Security
- Governance (AppTrust)
- Integrations
- Project Management
Benefits of JF API
jf api provides:
- Unified access to all JFrog APIs from one CLI command
- Reuse of existing CLI authentication and configuration
- Easier scripting and automation
- Direct GraphQL and REST API access
- Faster experimentation without a separate curl authentication setup
Prerequisites
To use jf api, verify the following:
- JFrog CLI installed, version 2.100.0 or later
- At least one server configured with
jf config add, or--urland credentials passed inline
Synopsis
jf api <endpoint-path>Aliases: none
Arguments
The following table lists command arguments.
| Argument | Required | Description |
|---|---|---|
<endpoint-path> | Yes | API path on the JFrog Platform host. The configured platform base URL is prepended automatically |
Options
The following table lists command options.
| Option | Description |
|---|---|
--access-token | JFrog access token |
--client-cert-path | Client certificate in PEM format |
--client-cert-key-path | Private key for client certificate |
-d, --data | Request body as a literal string |
--input | Read request body from file or stdin (-) |
-H, --header | Add HTTP request header (repeatable) |
-X, --method | HTTP method. Default: GET |
--server-id | Target configured server |
--timeout | Request timeout in seconds. 0 means no timeout |
--url | Override JFrog Platform URL |
--user | Username |
--password | Password |
--insecure-tls | Skip TLS certificate verification |
--disable-token-refresh | Disable automatic access token refresh |
--ssh-key-path | SSH private key path |
--ssh-passphrase | SSH key passphrase |
--verbose | Print full HTTP request and response to stderr |
Examples
Access REST APIs
List Users
To list all users in Access:
Request:
jf api /access/api/v2/usersResponse:
{
"users": [
{
"username": "admin",
"realm": "internal",
"status": "enabled",
"uri": "/access/api/v2/users/admin"
}
]
}Get a User by Name
To get details for a single user:
Request:
jf api /access/api/v2/users/adminResponse:
{
"username": "admin",
"email": "[email protected]",
"admin": true,
"effective_admin": true,
"profile_updatable": true,
"disable_ui_access": false,
"internal_password_disabled": false,
"last_logged_in": "2024-07-17T13:43:28.608Z",
"password_expired": false,
"password_last_modified": "2023-07-04T14:14:46.064Z",
"realm": "internal",
"groups": [
"readers"
],
"status": "enabled",
"policy_viewer": true,
"watch_manager": true,
"reports_manager": true,
"policy_manager": true,
"resources_manager": true,
"manage_webhook": false,
"platform_auditor": false
}Create a User
To create a user from a JSON file:
-
Create a
user.jsonfile with the user definition:{ "username": "newuser", "email": "[email protected]", "password": "UseASecurePassword123", "admin": false, "groups": ["readers"] } -
Run:
jf api /access/api/v2/users \ -X POST \ --input ./user.json \ -H "Content-Type: application/json"
To create a user with an inline JSON body:
jf api /access/api/v2/users \
-X POST \
-d '{"username":"newuser","email":"[email protected]","password":"UseASecurePassword123"}' \
-H "Content-Type: application/json"Note
The
--dataand--inputcommand options are mutually exclusive.
Replace a User
To replace an existing user with a new definition:
jf api /access/api/v2/users/newuser \
-X PUT \
--input ./user.json \
-H "Content-Type: application/json"Delete a User
To delete a user:
jf api -X DELETE /access/api/v2/users/tempuserArtifactory APIs
List Repositories
To list all repositories in Artifactory:
jf api /artifactory/api/repositoriesCreate a Local Maven Repository
To create a local Maven repository:
jf api /artifactory/api/repositories/my-maven-local \
-X PUT \
--input ./repo-maven-local.json \
-H "Content-Type: application/json"Update Repository Configuration
To update an existing repository's configuration:
jf api /artifactory/api/repositories/libs-release \
-X POST \
--input ./repo-config.json \
-H "Content-Type: application/json"Delete a Repository
To delete a repository:
jf api /artifactory/api/repositories/old-repo -X DELETESet a Request Timeout
To set a request timeout in seconds:
jf api /artifactory/api/repositories --timeout 10OneModel GraphQL
To run a GraphQL query through OneModel:
jf api /onemodel/api/v1/graphql \
-X POST \
--input ./graphql-query.json \
-H "Content-Type: application/json"Use a Specific Server
To target a non-default configured server:
jf api /access/api/v2/users --server-id=my-serverCommon Errors
The following table lists common errors, causes, and resolutions.
| Error | Cause | Resolution |
|---|---|---|
{"status":401,"message":"Token failed verification: parse"} | The access token has expired or is malformed | Re-run jf config add to update credentials, or generate a new token in the JFrog Platform UI |
{"status":403,...} | Authenticated but insufficient permissions | Use an administrator token, or request the required permissions from your JFrog Platform administrator |
{"status":404,...} | The repository or path does not exist | Verify the repository key and path, and create the repository first if needed |
{"status":403,"message":"Function is not supported when running on the cloud"} on /api/plugins/reload | Endpoint not available on JFrog SaaS | This feature is self-managed only. |
See Also
For more information, see:
Updated 4 days ago