Log in to the JFrog Platform with the CLI
The jf login command opens a browser-based sign-in flow so you can authenticate to a JFrog Platform without typing passwords into the terminal. It is supported on Artifactory 7.64.0 and above and is intended for interactive workstations with a local browser.
Prerequisites
To use jf login, verify the following:
- JFrog CLI installed (
jf --version) - Artifactory 7.64.0 or above on the target platform
- A browser available in your environment (not supported in headless/SSH sessions)
- Your JFrog Platform URL (for example,
https://yourcompany.jfrog.io)
Synopsis
jf loginAliases: none
Arguments
| Argument | Required | Description |
|---|---|---|
| (none) | — | This command takes no arguments |
Options
This command has no flags.
Examples
Log in via Web Browser
To complete browser-based login:
- Run:
jf login- Follow the 5-step flow split between the CLI and your browser:
Step 1 — Server selection
If you already have server configurations, the CLI presents an interactive menu. Use the arrow keys to select the server you want to log in to, then press Enter. To add a brand-new platform, select [New Server] and enter your platform URL when prompted.
Use the arrow keys to navigate: ↓ ↑
Select whether to create a new server configuration or to web login to an existing one:
> [New Server]
my-serverStep 2 — Note the code and URL
The CLI prints a 4-character verification code and an authentication URL:
[Info] After logging in via your web browser, please enter the code if prompted: f087
[Info] Please open the following URL in your browser to authenticate:
[Info] https://yourcompany.jfrog.io/ui/login?jfClientSession=...&jfClientName=JFrog-CLI&jfClientCode=1Important
Note the 4-character code — you will need it in Step 4.
Step 3 — Log in via browser
Open the URL in your browser. Complete your normal login (username/password, SSO, MFA, and so on). If the browser does not open automatically, copy and paste the URL manually.
Step 4 — Enter the verification code
After logging in, your browser displays a "Verify Extension" screen:
Please enter the code that you received from JFrog-CLI
Type the 4-character code from Step 2 and click Verify.
Step 5 — Confirm success
The browser shows:
SUCCESSFUL LOGIN — Please go back to JFrog-CLI
You can close the browser tab. The CLI stores an access token and refresh token automatically.
When to Use
Use jf login for interactive developer workflows when you want the simplest authentication experience. The browser handles SSO (SAML, OAuth), MFA, and other identity provider flows automatically.
Do not use jf login when:
- Running in CI/CD pipelines (no browser available) — use
jf config add --access-tokenor environment variables instead - Running in headless/SSH environments — use
jf config addwith token-based auth - You need scripted/automated authentication — use
jf config add --interactive=false
Important Notes
- Requires Artifactory 7.64.0 or above. Earlier versions do not support browser-based login.
- The CLI stores an access token and refresh token in
~/.jfrog/. Password-based auth is replaced by the token. You do not need to log in again until the session expires. - The CLI prints the authentication URL and may open it automatically in your default browser. If no browser opens, copy the URL and paste it manually.
- You have approximately 5 minutes to complete the browser login. If the CLI times out, run
jf loginagain — a new session and code are generated each time. - If an error occurs, the CLI prints a Trace ID (for example,
Trace ID for JFrog Platform logs: abc123). Provide this ID to JFrog Support to help diagnose server-side issues. - The login updates the server configuration in place. Run
jf config showafter login to verify the updated server ID and authentication method. - If
jf loginis interrupted mid-operation, the server configuration may be left in a partially updated state (the server ID may have changed). Runjf config showto check, and use the current server ID in subsequent commands.
Expected Output
After running jf login and selecting a server, the CLI prints:
[Info] After logging in via your web browser, please enter the code if prompted: f087
[Info] Please open the following URL in your browser to authenticate:
[Info] https://yourcompany.jfrog.io/ui/login?jfClientSession=...&jfClientName=JFrog-CLI&jfClientCode=1After completing the browser flow (Steps 3–4), the CLI prints:
Login succeeded. Server configuration saved.If the session times out before authentication completes:
[Info] Trace ID for JFrog Platform logs: abc123...
[Error] Attempting to get authentication token from the JFrog platform... executor timeout after 100 attempts with 3000 milliseconds wait intervalsTroubleshooting
To resolve a failed or confusing jf login run, use this table:
| Symptom | Likely Cause | Fix |
|---|---|---|
executor timeout after 100 attempts | Browser login was not completed within ~5 minutes | Run jf login again to start a new session |
| "Login has failed. Incorrect username/password or locked user" in browser | Wrong credentials or account locked | Verify your credentials; contact your admin if the account may be locked |
Server ID 'xxx' does not exist after an interrupted login | An interrupted jf login may have renamed the server ID | Run jf config show to find the current server ID and update any references to it |
| Browser shows "Verify Extension" but you missed the code | The 4-character code printed by the CLI before the URL was not noted | Run jf login again — a new code is generated each time |
| Browser does not open automatically | OS default browser not configured, or running in a restricted environment | Copy the URL printed by the CLI and open it manually in any browser |
Updated 14 days ago