Navigation
GuidesUpdated July 3, 2026

JFrog SaaS Usage Patterns

guidejfrog-saasartifactorypackage-managementdockeryumdnfauthenticationvaultazure

JFrog SaaS Usage Patterns

JFrog SaaS is available at https://centraluhg.jfrog.io. The service account for JFrog SaaS Access in Epic on Azure is '[email protected]'. The password and token for that service account are in Hashicorp Vault. You may also use your own JFrog SaaS username and token once you submit a secure request to add your MSID to group AZU_ARTIFACTORY_USERS.

Throughout this document, <JFROG_USER> is meant to be replaced with an actual JFrog SaaS user name, i.e., the email address associated with a primary MSID or service account. Similarly, <JFROG_TOKEN> is meant to be replaced with an actual JFrog SaaS token which has been generated while logged on as <JFROG_USER>.

RHEL software packages - yum/dnf

System updates

Red Hat Satellite is the preferred delivery mechanism for system updates on servers running RHEL. Do not use JFrog SaaS for system-level installs and updates.

Non-system updates - isolated items

If you need to install isolated components that are not generally available and that have been onboarded onto JFrog SaaS, like vendor-provider application or library patches delivered in RPM format, please proceed as follows:

  • Set environment variables with easily recognizable names to the URL-encoded JFrog SaaS username and token.

Example:

# Set environment variable jfrog_user to URL-encoded JFrog SaaS username
export jfrog_user="$(echo '<JFROG_USER>' | python -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))')"

# Set environment variable jfrog_token to URL-encoded JFrog SaaS token
export jfrog_token="$(echo '<JFROG_TOKEN>' | python -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))')"
  • Invoke yum/dnf using JFrog SaaS URL (centraluhg.jfrog.io) and embedding the environment variables defined in the previous step
dnf install https://$jfrog_user:$jfrog_token@centraluhg.jfrog.io/path/to/your/artifact/package.rpm

Non-system updates - packaged items

If the software package you want to install is available on JFrog SaaS only, please proceed as follows:

  • Save the URL-encoded JFrog SaaS username and token to this location: /etc/dnf/vars, with easily recognizable names. Make sure to strip the carriage return/linefeed at the end of the string. To avoid disclosure of the JFrog credentials, remove group and world read permissions.
# Save URL-encoded JFrog SaaS username to /etc/dnf/vars/jfrog_user
sudo sh -c "echo '<JFROG_USER>' | python -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))' | tr -d '\r\n' > /etc/dnf/vars/jfrog_user && chmod 600 /etc/dnf/vars/jfrog_user"

# Save URL-encoded JFrog SaaS token to /etc/dnf/vars/jfrog_token
sudo sh -c "echo '<JFROG_TOKEN>' | python -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))' | tr -d '\r\n' > /etc/dnf/vars/jfrog_token && chmod 600 /etc/dnf/vars/jfrog_token"

# Create repository configuration file in /etc/yum.repos.d
# The example below sets up a configuration for Microsoft's applications and tools for RHEL

cat << EOF | sudo tee /etc/yum.repos.d/packages-microsoft-prod.repo
[packages-microsoft-com-prod]
name=Microsoft Production
baseurl=https://\$jfrog_user:\[email protected]/artifactory/glb-rpm-rhel9-microsoft-rem/
gpgkey=repodata/repomd.xml.key
gpgcheck=1
enabled=1
EOF
  • Invoke yum/dnf as usual. No need to specify URLs or authentication data
# Install powershell for RHEL
dnf install powershell

# Install Azure CLI for RHEL
dnf install azure-cli

Python modules - pip

In order to configure pip, two steps are required:

  • Create configuration file .netrc in $HOME
  • Create configuration file pip.conf in $HOME/.config/pip

Example

# Create ~/.netrc
# Note that user and token are entered verbatim - no whitespace stripping or URL encoding
cat << EOF > ~/.netrc
machine centraluhg.jfrog.io
  login <JFROG_USER>
  password <JFROG_TOKEN>
EOF

# Create ~/.config/pip/pip.conf
cat << EOF > ~/.config/pip/pip.conf
[global]
index-url = https://centraluhg.jfrog.io/artifactory/api/pypi/glb-pypi-vir/simple
trusted-host = centraluhg.jfrog.io
EOF
  • Invoke pip as usual. No need to specify URLs or authentication data
pip install <PYTHON PACKAGE>

# or

python -m pip install <PYTHON PACKAGE>

Retrieval of generic artifacts - wget

wget requires both the username and token to be URL-encoded, and the token to be passed as an 'Authorization: Bearer' HTTP header

# Set environment variable jfrog_user to URL-encoded JFrog SaaS username
export jfrog_user=$(echo '<JFROG_USER>' | python -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))' | tr -d '\r\n')

# Set environment variable jfrog_token to URL-encoded JFrog SaaS token
export jfrog_token=$(echo '<JFROG_TOKEN>' | python -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))' | tr -d '\r\n')

# Invoke wget. Mind the double quotes in the header specification!
wget --header="Authorization: Bearer $jfrog_token" https://$jfrog_user@centraluhg.jfrog.io/path/to/artifact

Docker images - docker

In order to pull Docker images from JFrog SaaS, you need to log in first using the docker login command. The username is your JFrog SaaS user name, and the password is your JFrog SaaS token.

# Log in to JFrog SaaS Docker registry
docker login centraluhg.jfrog.io --username '<JFROG_USER>' --password-stdin '<JFROG_TOKEN>'

Ansible - get_url & win_get_url modules

In order to pull artifacts from JFrog SaaS, populate the attributes url_username and url_password with your personal or service account JFrog SaaS URL-encoded username and token

- name: Get artifacts from JFrog SaaS - example
    get_url:
      url: https://centraluhg.jfrog.io/path/to/artifact
      dest: /path/to/local/file
      url_username: "{{ username }}"
      url_password: "{{ token }}"