Ctrl+K

Command-line interface#

swh auth#

Software Heritage Authentication tools.

This CLI eases the retrieval of a bearer token to authenticate a user querying Software Heritage Web APIs.

swh auth [OPTIONS] COMMAND [ARGS]...

Options

-C, --config-file <config_file>#

Path to configuration file

Default:

/home/jenkins/.config/swh/global.yml

-u, --oidc-server-url <oidc_server_url>#

URL of OpenID Connect server, default to ‘https://auth.softwareheritage.org/auth/

-r, --realm-name <realm_name>#

Name of the OpenID Connect authentication realm, default to ‘SoftwareHeritage’

-c, --client-id <client_id>#

OpenID Connect client identifier in the realm, default to ‘SoftwareHeritage’

Environment variables

SWH_CONFIG_FILENAME

Provide a default for -C

config#

Guided authentication configuration for Software Heritage web services

If you do not already have an account, create one at “https://archive.softwareheritage.org/

swh auth config [OPTIONS]

Options

--username <username>#

OpenID username

--token <token>#

A valid OpenId connect token to authenticate to “https://auth.softwareheritage.org/auth/

generate-token#

Generate a new bearer token for a Web API authentication.

Login with USERNAME, create a new OpenID Connect session and get bearer token.

Users will be prompted for their password, then the token will be printed to standard output.

The created OpenID Connect session is an offline one so the provided token has a much longer expiration time than classical OIDC sessions (usually several dozens of days).

swh auth generate-token [OPTIONS] USERNAME

Options

-p, --password <password>#

OpenID Connect client password in the realm

Arguments

USERNAME#

Required argument

revoke-token#

Revoke a bearer token used for a Web API authentication.

Use TOKEN to logout from an offline OpenID Connect session.

The token is definitely revoked after that operation.

swh auth revoke-token [OPTIONS] TOKEN

Arguments

TOKEN#

Required argument

On this page
Edit
Show Source