OIDC Integration

JFrog and GitHub Integration Guide

ft:sourceType
Paligo

Who can use this feature?

OIDC integration is available to Enterprise/Enterprise+ customers. For a complete feature comparison by subscription type, refer to the JFrog and GitHub Integration Features Matrix.

Traditional CI/CD pipelines often use long-lived credentials (tokens or username/password combinations) for accessing cloud services and managing deployments. However, these credentials can pose significant security risks and require extensive management, especially during a security breach. Switching to OpenID Connect (OIDC) enhances both security and manageability.

OIDC is a modern and secure authentication protocol that connects GitHub Actions with JFrog Artifactory, streamlining the entire deployment process. This integration facilitates a tokenless experience by connecting GitHub repositories to JFrog projects and simplifying identity management.

Why does it do?

  • Enhanced Security: Provides a secure, future-proof authentication solution, reducing reliance on long-lived credentials.

  • Simplified Authentication: Allows GitHub users to log into the JFrog platform seamlessly.

  • Accelerated Deployment: Streamlines the deployment process from code build in GitHub Actions to artifact management in JFrog Artifactory.

Why is it important?

  • Build Devs: Streamlines operations and reduces maintenance efforts.

  • Security Teams: Lowers security risks and improves monitoring.