Access Entitlements (Advanced)
Like basic entitlements, advanced entitlements allow you to control who has read-only access to your repositories, to download packages and assets. However, you can also limit what access an entitlement has by search, or you can limit how long a token is valid for by time. As a vendor, you can power your license-based distribution with tokens that are dynamically created via the API, based on your customer needs.
Security is paramount at Cloudsmith, and we take pride in taking every precaution to secure the service. All communication and storage is encrypted in-transit and at-rest (with 256-bit or hardware-based encryption). Checksums and GPG signatures are provided to detect tampering. For increased trust you can also provide your own GPG key for signing.
Access your packages and APIs via custom named domains, specified by you. If your company brand and trust is important to you and your customers, custom domains will allow you to present your own company as the endpoint for distribution, APIs and configuration (e.g. retrieving GPG keys). If you're a vendor, you'll likely want this when distributing.