7 Authentication

This section describes the Compute Classic CLI commands that you can use to create and refresh an authentication token.

Only authenticated users can run the Compute Classic CLI commands.

There are various ways to authenticate a user. See Setting Up Environment Variables and Files. Creating an authentication cookie and saving it in an environment variable is just one of ways to authenticate a user.

Before running the CLI commands described in this section, make sure that you've installed the CLI client and set up the required environment variables as described in Preparing to Use the CLI.

authentications add

Create an authentication cookie. You can store the value of the cookie in an environment variable, such as OPC_COMPUTE_COOKIE. An authentication cookie lasts for only 30 minutes, so you’ll need to refresh the cookie before it expires.

You can use this command to generate an authentication token and provide it to a third-party, especially when you don’t want to share your Oracle Compute Cloud Service password with a third-party tool.

Here’s the order of precedence (the first option has the highest precedence):

  1. The value that you specify for the OPC_COMPUTE_COOKIE variable.

  2. The values you specify for the command line options, such as -pf and -u.

  3. When you don’t provide command line arguments, the values specified in the environment variables, such as OPC_COMPUTE_USER and OPC_COMPUTE_PASSWORD_FILE, take precedence over the values provided in the profile file.

  4. When you don’t specify values for command line arguments and environment variables, values specified in the profile file are considered.

Syntax

opc compute authentications add password username 

For help with the parameters and options of this command, run the command with the -h option.

Example

The account creation email from Oracle would contain the identity domain name, user name, and password, as shown in the following example:


User credentials are provided in the account creation email that you receive from Oracle.

For example, if your identity domain is acme and the username in your account-creation email is jack.jones@example.com, then the following would be the two-part user name that you must use:

/Compute-acme/jack.jones@example.com

To find out the REST endpoint URL of your service, see Send Requests in REST API for Oracle Compute Cloud Service (IaaS).

opc -f json compute -e api-z999.compute.us0.oraclecloud.com authentications add file://./password.txt /Compute-acme/jack.jones@example.com

Sample Output

Some lines have been truncated with ellipses (...) for readability. When you run the command in your environment, you'll see the full output.

{  "SetCookie": "nimbula=eyJpZGVudGl0eSI6ICJ7XCJyZWFsbVwiOi..." }

refresh-tokens get

Extends the expiry of the authentication token by 30 minutes from the time you run the command. Authentication tokens expire in 30 minutes. This command extends the expiry of the current authentication token, but not beyond the session expiry time, which is 3 hours.

Prerequisite

Before running this command, set the value of the OPC_COMPUTE_COOKIE environment variable with the response received when you run the authentications add command.

For example, if the response that you have received while running the authentications add command is:

{
 "SetCookie": "nimbula=eyJpZGVudGl0eSI6ICJ7XCJyZWFsbVwiOiBcImNvbXB1dGUtZW0yLXoxN1wiLCBcInZhbHVlXCI6IFwie1xcXCJjdXN0b21lclxcXCI6IFxcXCJDb21wdXRlLWRvY2V4YW1wbGVcXFwiLCBcXFwicmVhbG1cXFwiOiBcXFwiY29tcHV0ZS1lbTItejE3XFxcIiwgXFxcImVudGl0eV90eXBlXFxcIjogXFxcInVzZXJcXFwiLCBcXFwic2Vzc2lvbl9leHBpcmVzXFxcIjogMTQ4Mjg0MTQzOS45MjUwMDksIFxcXCJleHBpcmVzXFxcIjogMTQ4MjgzMjQzOS45MjUwMzY5LCBcXFwidXNlclxcXCI6IFxcXCIvQ29tcHV0ZS1kb2NleGFtcGxlL1N5bGFqYVxcXCIsIFxcXCJncm91cHNcXFwiOiBbXFxcIi9Db21wdXRlLWRvY2V4YW1wbGUvQ29tcHV0ZS5Db21wdXRlX09wZXJhdGlvbnNcXFwiXX1cIiwgXCJzaWduYXR1cmVcIjogXCJhdXZxeHRXM080Y0FSZ3psUVB4Q05JTCswMUZSeDNlY1ZjaDNIVHhETDViemZZY2kzVDkrejFSUSsvUlJBRFpZUm4zUE1kcVRGZGc1b01ZYVhEUWd6a2l3eXd0TU1KQzNTT1MxZHdhc2hXYXVFV3NERmVxN21tMkhFd21WMFk4RE1wVHY0UDZCLzR5ZUxVT0VrcnVoNGNHMkNvNlEvMnVHRjA4dGdITWVNMHM1Q1NFcnZqZERNcmJaT0l4M0ZtalA0QmgyTjNWYXVlK01GS0h4MmNKQ3d1UDFCTUc0NjVqT2F1eEV0djU4TitJanp6NWhmT0hkWW9kVTNZNk0wbUJzcDRaS1lndC9IVkZPclpOK05jN3JFQkhWSmZkSW44cWh3YW0yUFAra2JJMmo2RGozSUJNSkpDSVFYZXJzT2ZXYWVSWEdyWlN1MEV6WWd1dmJiSXJlMUE9PVwifSJ9; Path=/; Max-Age=1800"
}

You’ll set the value of the OPC_COMPUTE_COOKIE environment variable as by excluding nimbula and including values only till the first semicolon.

export OPC_COMPUTE_COOKIE='eyJpZGVudGl0eSI6ICJ7XCJyZWFsbVwiOiBcImNvbXB1dGUtZW0yLXoxN1wiLCBcInZhbHVlXCI6IFwie1xcXCJjdXN0b21lclxcXCI6IFxcXCJDb21wdXRlLWRvY2V4YW1wbGVcXFwiLCBcXFwicmVhbG1cXFwiOiBcXFwiY29tcHV0ZS1lbTItejE3XFxcIiwgXFxcImVudGl0eV90eXBlXFxcIjogXFxcInVzZXJcXFwiLCBcXFwic2Vzc2lvbl9leHBpcmVzXFxcIjogMTQ4Mjg0MTQzOS45MjUwMDksIFxcXCJleHBpcmVzXFxcIjogMTQ4MjgzMjQzOS45MjUwMzY5LCBcXFwidXNlclxcXCI6IFxcXCIvQ29tcHV0ZS1kb2NleGFtcGxlL1N5bGFqYVxcXCIsIFxcXCJncm91cHNcXFwiOiBbXFxcIi9Db21wdXRlLWRvY2V4YW1wbGUvQ29tcHV0ZS5Db21wdXRlX09wZXJhdGlvbnNcXFwiXX1cIiwgXCJzaWduYXR1cmVcIjogXCJhdXZxeHRXM080Y0FSZ3psUVB4Q05JTCswMUZSeDNlY1ZjaDNIVHhETDViemZZY2kzVDkrejFSUSsvUlJBRFpZUm4zUE1kcVRGZGc1b01ZYVhEUWd6a2l3eXd0TU1KQzNTT1MxZHdhc2hXYXVFV3NERmVxN21tMkhFd21WMFk4RE1wVHY0UDZCLzR5ZUxVT0VrcnVoNGNHMkNvNlEvMnVHRjA4dGdITWVNMHM1Q1NFcnZqZERNcmJaT0l4M0ZtalA0QmgyTjNWYXVlK01GS0h4MmNKQ3d1UDFCTUc0NjVqT2F1eEV0djU4TitJanp6NWhmT0hkWW9kVTNZNk0wbUJzcDRaS1lndC9IVkZPclpOK05jN3JFQkhWSmZkSW44cWh3YW0yUFAra2JJMmo2RGozSUJNSkpDSVFYZXJzT2ZXYWVSWEdyWlN1MEV6WWd1dmJiSXJlMUE9PVwifSJ9'

Syntax

opc compute refresh-tokens get

For help with the parameters and options of this command, run the command with the -h option.

Example

opc compute -e api-z999.compute.us0.oraclecloud.com -u /Compute-acme/jack.jones@example.com refresh-tokens get

Sample Output

{}