Who can use this feature?
OIDC integration is available to Enterprise/Enterprise+ customers. For a complete feature comparison by subscription type, refer to the JFrog and GitHub Integration Features Matrix.
Traditional CI/CD pipelines often use long-lived credentials (tokens or username/password combinations) for accessing cloud services and managing deployments. However, these credentials can pose significant security risks and require extensive management, especially during a security breach. Switching to OpenID Connect (OIDC) enhances both security and manageability.
OIDC is a modern and secure authentication protocol that connects GitHub Actions with JFrog Artifactory, streamlining the entire deployment process. This integration facilitates a tokenless experience by connecting GitHub repositories to JFrog projects and simplifying identity management.
Why does it do?
Enhanced Security: Provides a secure, future-proof authentication solution, reducing reliance on long-lived credentials.
Simplified Authentication: Allows GitHub users to log into the JFrog platform seamlessly.
Accelerated Deployment: Streamlines the deployment process from code build in GitHub Actions to artifact management in JFrog Artifactory.
Why is it important?
Build Devs: Streamlines operations and reduces maintenance efforts.
Security Teams: Lowers security risks and improves monitoring.