Command-line interface#
swh auth#
Software Heritage Authentication tools.
This CLI eases the retrieval of a bearer token to authenticate a user querying Software Heritage Web APIs.
swh auth [OPTIONS] COMMAND [ARGS]...
Options
- -C, --config-file <config_file>#
Path to configuration file
- Default:
/home/jenkins/.config/swh/global.yml
- -u, --oidc-server-url <oidc_server_url>#
URL of OpenID Connect server, default to ‘https://auth.softwareheritage.org/auth/’
- -r, --realm-name <realm_name>#
Name of the OpenID Connect authentication realm, default to ‘SoftwareHeritage’
- -c, --client-id <client_id>#
OpenID Connect client identifier in the realm, default to ‘SoftwareHeritage’
Environment variables
- SWH_CONFIG_FILENAME
Provide a default for
-C
config#
Guided authentication configuration for Software Heritage web services
If you do not already have an account, create one at “https://archive.softwareheritage.org/”
swh auth config [OPTIONS]
Options
- --username <username>#
OpenID username
- --token <token>#
A valid OpenId connect token to authenticate to “https://auth.softwareheritage.org/auth/”
generate-token#
Generate a new bearer token for a Web API authentication.
Login with USERNAME, create a new OpenID Connect session and get bearer token.
Users will be prompted for their password, then the token will be printed to standard output.
The created OpenID Connect session is an offline one so the provided token has a much longer expiration time than classical OIDC sessions (usually several dozens of days).
swh auth generate-token [OPTIONS] USERNAME
Options
- -p, --password <password>#
OpenID Connect client password in the realm
Arguments
- USERNAME#
Required argument
revoke-token#
Revoke a bearer token used for a Web API authentication.
Use TOKEN to logout from an offline OpenID Connect session.
The token is definitely revoked after that operation.
swh auth revoke-token [OPTIONS] TOKEN
Arguments
- TOKEN#
Required argument