# Configuring Maven

This page explains how to configure the Maven package manager to pull packages from the Seal artifact server based on your existing setup.

Make sure you have the access token for the server ready.

### Pull directly from the artifact server

1. Open the project's `pom.xml` file.
2. If there's no `<repositories>` tag then create one.
3. Add to the `<repositories>` tag the Seal Security repository as the first one, as in the following example:

```xml
<repositories>
  <repository>
    <id>seal</id>
    <url>https://maven.sealsecurity.io/</url>
  </repository>
</repositories>
```

4. Open the Maven settings file, usually located in `~/.m2/settings.xml` in unix-based systems, and `%userprofile%\.m2\settings.xml` in Windows.
5. Add a `<server>` section to the settings file. Note that the `<id>` value must be the same as the value provided in the `pom.xml`:

```xml
<settings>
  <servers>
    <server>
      <id>seal</id>
      <username>${env.PROJECT_ID}</username>
      <password>${env.SEAL_TOKEN}</password>
    </server>
  </servers>
</settings>
```

6. Build your project, setting your token to the artifact server in the `SEAL_TOKEN` environment variable, and putting the project's ID in the `PROJECT_ID` .

```bash
PROJECT_ID=my_project SEAL_TOKEN=<TOKEN> mvn package
```

### Pull using JFrog's Artifactory

1. Go to JFrog's Artifactory configuration and create a new remote Maven repository.
   1. In the Basic configuration, use `seal-mvn` as your Repository Key.
   2. In both the URL field set `https://maven.sealsecurity.io`.
   3. In the User Name field use `jfrog`.
   4. In the Password / Access Token field paste the Production token you created earlier.
2. Turn off the Handle Snapshots option.
3. Save the new repository, and set it as the top priority remote repository in the virtual repository you're using.