Authentication commands

Except for the administration commands, all Akamas commands representing Akamas operation require authentication.

Command
Description

login

logout

Login

The CLI supports two different methods to authenticate with the Akamas server:

  • direct login: performs the authentication using the username and password provided directly to the CLI

  • oauth2: performs the authentication redirecting the user to Akamas' login page

Akamas users linked to external identity providers can only authenticate using the oauth2 method. For more details, refer to Configure an external identity provider.

By default, the CLI authenticates using the direct login unless the user provides the argument --method direct|oauth2 or sets it in the local configuration with the akamas set config --method direct|oauth2 command.

Direct login

Local users (not linked to any external identity provider) can authenticate by providing the credentials as arguments to Akamas CLI:

akamas login -u <user> -p <password> -w <workspace>
  • When the user or password are not provided as arguments, the CLI will prompt for their value. Be aware that passing the password as an argument may store it in the terminal history, so is advised to provide it through the secure prompt.

  • If the workspace is specified and the user has access to it, it will be set as the default workspace for the session.

  • If the login is successful, a message like the following will be printed: <username> logged in. Welcome."

  • If the login fails because the credentials are wrong or the user is not authorized to access, the error message "Login failed: Invalid user credentials" will be printed.

Oauth2 login

All Akamas users can authenticate through the login page provided by the UI by running the following command:

akamas login -m oauth2

This command is available since version 2.8.0 of the cli

The CLI will provide you with a link to the login page of the configured Akamas instance, similar to the following:

Please authenticate using the link below:
https://sample.akamas.io/auth/realms/akamas/protocol/openid-connect/auth?response_type=code&client_id=akamas&redirect_uri=https%3A%2F%sample.akamas.io%2Fcode&scope=profile+openid+email&state=RqHfdZSvuC5W15WzbRsECBezRKgncf

Insert the code provided at the end of the authentication process:

Open the browser on the provided link and authenticate using your local user or any configured identity provider. Once successfully authenticated, the UI will provide you with a code: paste it into the CLI prompt to complete the login process.

Reference

The full reference for the Akamas login command is.

akamas login [-m|--method direct|] [-u|--user USERNAME] [-p|--password PASSWORD] [-w|--workspace WORKSPACE] 

If one of the environmental variables is specified, the corresponding parameter will not be asked to the user. Workspace is not needed for login.

Option
Short
Description
Environment Variable
Required

--method

-m

Authentication method.

no

--user

-u

Username for the direct authentication method. If not specified will be requested by prompt.

AKAMAS_USER

no

--password

-p

Password for the direct authentication method. If not specified will be requested by a prompt. Be aware that providing it as an argument may store it in the terminal's history.

AKAMAS_PASSWORD

no

--workspace

-w

Set a default workspace for the session. The user should have access to the workspace specified

AKAMAS_WORKSPACE

no

Logout

When logged in, this command will log out the current user

akamas logout

On success the message "Logout successful." will be printed.

Last updated