pxctl auth
pxctl auth
pxctl auth
Description
Portworx pxctl token based authentication and authorization commandspxctl auth token
pxctl auth token
Description
Manage tokens for use by pxctlExample
pxctl auth token <command> <command flags>
pxctl auth token generate
pxctl auth token generate
Description
Generate a self signed token based on a specified configuration yaml. The configuration defines your identity, roles, and groups to be used when generating a token. e.g. name: Jim Stevens sub: jstevens@portworx.com/jstevens email: jstevens@portworx.com roles: ["system.user"] groups: ["px-engineering", "kubernetes-csi"]Example
pxctl auth token generate --auth-config=<authconfig.yaml> --issuer <issuer> --ecdsa-private-keyfile <ecdsa key file> OR --rsa-private-keyfile <rsa key file> OR --shared-secret <secret>
Flags
Flag | Description |
---|---|
|
Auth account information file providing email, name, etc. Required: true |
|
ECDSA Private file to sign token |
|
Issuer name of token. Do not use https:// in the issuer since it could indicate that this is an OpenID Connect issuer. Required: true |
|
Output token to file instead of standard out |
|
RSA Private file to sign token |
|
Shared secret to sign token |
|
Duration of time where the token will be valid. Postfix the duration by using s for seconds, m for minutes, h for hours, d for days, and y for years. Default value: 1d |