circle-info
Read on newly released AI assisted Insights
flxbl docsarrow-up-right
search
Learn CD Concepts using LabsslackGitHub

Auth

hashtag
sfp server auth

Authenticate with and manage authentication for the SFP server

hashtag
Commands

hashtag
sfp server auth login

Authenticate with the SFP server using various authentication strategies. This creates a JWT token stored securely in the keychain for subsequent commands.

USAGE
  $ sfp server auth login [--json] [--sfp-server-url <value>] [-e <value>]
    [-p <value>] [--strategy email|oauth] [-g <value>...] [--loglevel
    trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]

FLAGS
  -e, --email=<value>               Email address for authentication
  -p, --password=<value>            Password for email authentication
  --strategy=<option>               [default: email] Authentication strategy to use
                                    <options: email|oauth>
  --sfp-server-url=<value>          URL of the SFP server
  --json                            Format output as json
  -g, --logsgroupsymbol=<value>...  Symbol used by CICD platform to group/collapse logs
  --loglevel=<option>               [default: info] logging level for this command invocation
                                    <options: trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL>

DESCRIPTION
  Authenticate with the SFP server

  Authentication tokens are stored securely in your system's keychain/credential manager
  and are automatically used for subsequent SFP server commands.

EXAMPLES
  $ sfp server auth login --email [email protected]

  $ sfp server auth login --strategy oauth

  $ sfp server auth login --email [email protected] --password mypassword

  $ sfp server auth login --sfp-server-url https://sfp.example.com --email [email protected]

hashtag
Authentication Strategies

Email Authentication (Default):

OAuth Authentication:

This will open your browser for OAuth authentication flow.

hashtag
sfp server auth display

Display information about the current authentication token.

hashtag
sfp server auth list

List all authentication tokens stored locally.

Output example:

hashtag
sfp server auth clear

Clear all locally stored authentication tokens.

hashtag
Best Practices

  1. Use OAuth when available: OAuth provides better security than email/password authentication

  2. Avoid hardcoding passwords: Use interactive prompts or secure environment variables

  3. Regularly rotate tokens: Clear and re-authenticate periodically for security

  4. Check token validity: Use auth display to verify token status before operations

hashtag
Token Storage

Authentication tokens are stored in:

  • macOS: Keychain Access

  • Windows: Windows Credential Manager

  • Linux: Secret Service API (libsecret)

Note: Tokens are stored securely and are not accessible in plain text.

Security: Never share authentication tokens or store them in version control.

Last updated