# JFrog Xray

Delivery-Shield has been enhanced with an integration for JFrog Xray, a vulnerability scanning tool that analyzes artifacts uploaded to the JFrog Artifactory. 

### Usage of JFrog Xray in Delivery Shield

* JFrog Xray is integrated in SSD to retrieve artifact scan data. 
* JFrog Xray analyzes the artifacts uploaded to the JFrog Artifactory. Through this integration, SSD is able to fetch the SBOM (Software Bill of Materials) and scan results of the artifact from JFrog Xray and store the data in the Dgraph database.

### To Integrate JFrog Xray:

1. Navigate to **Setup** > **Integrations**.
2. In the **Artifact** panel, click JFrog Xray.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2Fu9wNUgoghvzgtuFL3L7K%2Fjfrog%20xray.png?alt=media&#x26;token=3d7d2338-d211-408c-bd9b-935e781d097a" alt=""><figcaption></figcaption></figure>

3. The JFrog Xray integration page is displayed.
4. Click **+New Account**. In the popup that appears enter the value for the following fields:

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2F87ZvNggaBYph0jjqAp6E%2Fjfrog%20xray%201.png?alt=media&#x26;token=04932376-af0b-4273-af70-29dd9c37cb4a" alt=""><figcaption></figcaption></figure>

* **Account Name** - Enter the name of your account.&#x20;
* **Host URL** - Enter the JFrog Xray host address from which you access the instance.
* **Username** - Enter a username for the account.
* **Password** - Enter a password for the account.
* Select the **Teams** and the corresponding **Environments** from the dropdown for which you want the integration to be available. The integration will be available for the selected teams and environment only.&#x20;

{% hint style="info" %}
You can select up to 5 teams for the integration to be displayed.&#x20;
{% endhint %}

* A sample is given below for reference:

<figure><img src="https://lh7-rt.googleusercontent.com/docsz/AD_4nXeuMZQzZsZQuulVdW9B9OuffNPoEXqbcpcAkYtKVyb7YiTQxbVIt1L4Gh-zshqX2J9MFKIat8x4oWFIGxdg3j1XVagyUNhUAlD_52soyMyd1cy53p6XiYi0LsTjIBfHcybRWl61?key=D9EXoOdGF7oYOBvYaW2GnRWJ" alt=""><figcaption></figcaption></figure>

* In the example above,&#x20;
  * if **Team 1**, **Team 2**, and **Team 3** are selected, only applications associated with these teams can access the integration. Any applications belonging to other teams, such as **Team 4**, will not have access to this account.
  * Even if the user who created this account is also an admin for **Team 4**, the integration account remains restricted and is not available for **Team 4**.&#x20;
  * Access to the account is strictly limited to the specified **Teams** and **Environments** selected during account creation.
* **For Organization Admins:**
  * When an **Organization Admin** creates an account without selecting specific **Teams** and **Environments**, the account will be universally applicable, granting access to **all teams** and **all environments** by default.
* **For Team Admins with Multiple Teams:**<br>
  * If a **Team Admin** who manages multiple teams creates an account without specifying particular **Teams** and **Environments**, the account will only be accessible to the teams for which the logged-in user holds admin privileges.

5. Click **Test** to check if the entered values are valid. If the given values are valid, a popup appears indicating it.&#x20;
6. Once validated, click **Save**. The tool is connected.

\
\
\ <br>