Overview

Bintray offers a variety of security capabilities to enable strong authentication of users as well as strict access control over private content.

Authentication

Users can authenticate in several ways, both through the Bintray UI and when using the Bintray REST API.

[Figure: Bintray sign in dialog]

User/Password

The most basic form of authentication is a username and password. When signing up to Bintray, you select a username and password with which you can log on to Bintray and use its REST API.

OAuth Integration

Bintray is integrated with a number of OAuth providers, so once you have created your Bintray account with a username and password, you may log on to future sessions on the Bintray UI using your GitHub, Twitter or Google+ credentials.

API Keys

Bintray lets you generate and manage an API key which can be used for authentication in REST API calls. This lets you access Bintray’s features through the REST API without having to expose your username and password over the connection.

SAML Integration

Bintray supports SAML-based single sign-on (SSO), so users who want to access your organization’s assets may be authenticated through your corporate SAML server.

For more information on authentication in Bintray, please refer to Editing Your User Profile.

Access Control

On the OSS plan, any content you upload to Bintray is publicly available. Anyone can download it, even if they don’t have a Bintray account. You can set up organizations in order to collaborate with others on content in Bintray, but if you want to control download access to your repositories and content, you need to upgrade to a Premium plan, which gives you the ability to create private repositories.

Organizations, Teams, and Permissions

To collaborate with others, you can set up organizations and invite other Bintray users to join. Once you have members in your organizations, you can assign them different levels of authorization to give them corresponding levels of control.

To control download access to your repositories, you need private repositories offered by one of the premium plans. Once you have private repositories, you can control access to them by creating teams and assigning them appropriate permissions.

Signed URLs

Teams and permissions let you control which Bintray users can access your private content. However, you may also need to provide access to users who don’t have a Bintray account. Signed URLs give you that ability: they let you provide access to individual files to any user (internal or external) for a specified period of time.

Access Entitlements

In many cases, a coherent unit of software consists of several files, and downloading individual files through signed URLs is not a viable solution. Bintray’s solution for such cases is entitlements. Through access entitlements, Bintray lets you exercise fine-grained access control by providing access to anything from a whole repository down to a specific path within a repository. For example, you could use download entitlements to provide access to a Docker image, or even a specific tag within a Docker image.