Auth

sfp server auth

Authenticate with and manage authentication for the SFP server

Commands

• sfp server auth login - Authenticate with the SFP server

• sfp server auth display - Display authentication token information

• sfp server auth list - List all auth tokens stored locally

• sfp server auth clear - Clear all local authentication tokens

sfp server auth login

Authenticate with the SFP server using various authentication strategies. This creates a JWT token stored securely in the keychain for subsequent commands.

USAGE
  $ sfp server auth login [--json] [--sfp-server-url <value>] [-e <value>]
    [-p <value>] [--strategy email|oauth] [-g <value>...] [--loglevel
    trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]

FLAGS
  -e, --email=<value>               Email address for authentication
  -p, --password=<value>            Password for email authentication
  --strategy=<option>               [default: email] Authentication strategy to use
                                    <options: email|oauth>
  --sfp-server-url=<value>          URL of the SFP server
  --json                            Format output as json
  -g, --logsgroupsymbol=<value>...  Symbol used by CICD platform to group/collapse logs
  --loglevel=<option>               [default: info] logging level for this command invocation
                                    <options: trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL>

DESCRIPTION
  Authenticate with the SFP server

  Authentication tokens are stored securely in your system's keychain/credential manager
  and are automatically used for subsequent SFP server commands.

EXAMPLES
  $ sfp server auth login --email [email protected]

  $ sfp server auth login --strategy oauth

  $ sfp server auth login --email [email protected] --password mypassword

  $ sfp server auth login --sfp-server-url https://sfp.example.com --email [email protected]

Authentication Strategies

Email Authentication (Default):

OAuth Authentication:

This will open your browser for OAuth authentication flow.

sfp server auth display

Display information about the current authentication token.

sfp server auth list

List all authentication tokens stored locally.

Output example:

sfp server auth clear

Clear all locally stored authentication tokens.

Best Practices

1. Use OAuth when available: OAuth provides better security than email/password authentication

2. Avoid hardcoding passwords: Use interactive prompts or secure environment variables

3. Regularly rotate tokens: Clear and re-authenticate periodically for security

4. Check token validity: Use auth display to verify token status before operations

Token Storage

Authentication tokens are stored in:

• macOS: Keychain Access

• Windows: Windows Credential Manager

• Linux: Secret Service API (libsecret)

Note: Tokens are stored securely and are not accessible in plain text.

Security: Never share authentication tokens or store them in version control.