Skip to main content
Artifacts supports quick public sharing and stricter controls for private work. Every change runs through the same authorization layer and is recorded in audit history.

Read current access

artifacts artifact access get --artifact-id ARTIFACT_ID

Set who can see it

Access is controlled by two switches plus an optional email allowlist. The CLI takes the whole access object as JSON:
Anyone with the URL can view it.
artifacts artifact access set \
  --artifact-id ARTIFACT_ID \
  --json '{"publicView":true,"publicEdit":false,"viewerEmails":[]}'
Share links grant one role for a single artifact, and can expire. Use editor only when the recipient should be able to update the artifact. 
artifacts share create \
  --artifact-id ARTIFACT_ID \
  --role viewer \
  --expires-at 2026-06-30T12:00:00.000Z
The matching REST routes: 
POST /api/artifacts/:artifactId/share-links
GET  /api/artifacts/:artifactId/share-links
POST /api/share-links/:shareLinkId/revoke
Revoking stops future access through that link while keeping audit records intact.

Review audit events

artifacts audit list --artifact-id ARTIFACT_ID --limit 50
Audit retention depends on your plan:
PlanRetention
Free7 days
Pro90 days
Team365 days

Patterns that work well

  • Public view for artifacts you’ll paste into issues, pull requests, or docs.
  • Private + email allowlist for specific teammates.
  • Expiring viewer share links for ad hoc review.
  • Editor share links sparingly — revoke them once the collaboration window closes.
  • Narrowly scoped API keys for automation.