Snyk Documentation

How it works

Use the Snyk plugin with your Artifactory repositories to test your artifacts for vulnerabilities and license issues every time you request to download any of them.

  1. The admin installs the plugin within the system files folder on the Artifactory server.
  2. The admin updates the Snyk configurations within the properties file, including the API token and Organization ID.
  3. Snyk authenticates the account configuration using the API token and Organization ID.
  4. When the developer attempts to download an artifact from the Artifactory server to their local environment, Snyk scans and analyzes the artifact against the Snyk vulnerability database for known vulnerabilities and license issues. Snyk saves the results per artifact, on the Artifactory server.
  5. Snyk displays the test results for the selected artifact from Artifactory in the Properties tab, indicating the number of known issues for vulnerabilities and licenses.