1. Home
  2. Integrations
  3. Integration with JFrog Xray
Searching...

Integration with JFrog Xray

Contents

This article covers the steps required to integrate your Phoenix Security account with JFrog Xray, for which you have the required credentials.

Prerequisites
– In order to create a new scanner integration you should have access to the Phoenix platform as an Organisation Admin user.
– Have a JFrog log in and be a valid user with the role Privileged user

JFrog Xray API Credentials

Ideally, a new user should be created for the integration credentials.

In the screenshot below there is an example of the Roles required for the user. It is also suggested to disable UI access, since these credentials would only be used for API access.

You will need the user’s Username and Password to later configure the integration within Phoenix.

Create a JFrog Xray Integration

  1. On the sidebar menu, navigate to the Scanners tab in the Integrations section.
  1. Click on the JFrog Xray scanner to create a new integration. If there’s already an existing JFrog Xray scanner integration, click on the three dots in the top right corner of the scanner and then select Create new scanner integration.
  1. Next you need to provide the required details for the scanner integration. In the case of JFrog Xray you need to provide:
  • Server URL – URL of your organization’s JFrog Xray account.
  • Username – User account created above
  • Password – Password from account created above
  1. The next step is to select the targets you would like to fetch.
  1. Selecting Fetch everything will fetch all data from all targets from the scanner, including any new targets that may be found in the future. You may now select Save Scanner and be done with the process. If you change your mind you can edit target selection at a later time.
  1. If you desire to choose which targets are being fetched select Choose targets to fetch you will be prompted to select which targets to include/exclude and then save the scanner.
  • Select targets to INCLUDE : only data from selected targets will be fetched. Keep in mind that selecting all targets isn’t the same as selecting Fetch everything as it will only collect the ones that are selected and any new targets that may be found in the future will not be included in the fetch. 
  • Select targets to EXCLUDE : only data from selected targets will be excluded from the fetch. Any new targets that may be found in the future will be included.

For a more detailed guide on target selection check out our Creating a New Scanner Integration guide.

Unless there are issues with the credentials, the new scanner will appear in your list of integrations (under Integrations > Scanners) and the platform will start to collect asset and vulnerability details from all Subscriptions available through the integration credentials.

All the scanner’s assets and vulnerabilities will be automatically added to your account’s Default Applications and Environments, and will be available to start assigning them to user-created Applications as required.

Updated on October 28, 2025
Tagged:

Related Articles

x Powerful Protection for WordPress, from Shield Security
This Site Is Protected By
Shield Security