Skip to main content
Connect JFrog Artifactory to Draftt to monitor artifact versions and detect vulnerabilities across your software supply chain. Draftt scans your Artifactory repositories for outdated packages, EOL runtimes, and dependency risks alongside your cloud infrastructure.

Setup

1

Name your integration

In Draftt, go to Integrations > JFrog Artifactory > Add. Enter a descriptive name to identify this integration in your dashboard.
2

Generate an API key

Open your JFrog user profile page and navigate to the API Keys section to generate a new API key. Paste it into the Draftt setup dialog.
3

Enter your JFrog endpoint

Enter your JFrog Artifactory instance URL. This should be your JFrog cloud instance or self-hosted server URL (e.g. https://your-company.jfrog.io).
4

Select repositories

Specify the repositories to scan as a comma-separated list (e.g. docker-local, npm-local, maven-local). Leave empty to scan all available repositories in your JFrog instance.

What Gets Scanned

Draftt scans your Artifactory repositories for:
  • Lifecycle debt: Packages and base images that have reached end of life or are approaching end of support
  • Version gaps: Dependencies significantly behind current stable releases
  • Vulnerability exposure: Artifacts with known CVEs based on version metadata

Verifying Your Connection

After setup, return to Integrations > JFrog Artifactory in Draftt. A Healthy status means Draftt can access your repositories and is scanning as expected. If Unhealthy, verify that the API key is valid and has not been revoked.