login
Establishes a secure connection to an environment. This command supports signing into an environment using a plain text password, or an encrypted password file containing the password or OAuth 2.0 refresh token. Login using OAuth 2.0 refresh token is supported for OCI (Gen 2) environments only.
You sign in to initiate a session, which remains active until you sign out.
Note:
- This command is not supported for users who are set up for basic authentication with multi-factor authentication (MFA).
- EPM Automate does not support signing in with your organization's SSO credentials.
- EPM Automate does not work with SOCKS proxy; it works only with HTTP/HTTPS proxy.
- When using this command in batch files to automate activities, Oracle recommends that you use encrypted password or OAuth 2.0 refresh token to avoid recording clear text passwords in batch files.
- On Windows computers, this command automatically identifies missing proxy server intermediate security certificate that may prevent you from establishing a connection and adds it to the JRE installed under
C:\Oracle\EPM Automate
. This prevents login errors related to security certificates when using proxy servers to access the internet.On Linux computers, the login command identifies the missing security certificate from the proxy server, downloads it, and display an error. A user with
root
access can then install the downloaded certificate in the JRE available in theJAVA_HOME
identified in the environment variables. See these information sources:- Java Runtime Environment and EPM Automate
- Keytool Java documentation
On signing in, a message to upgrade EPM Automate is displayed if
you are using an older version. You can use the upgrade
command to silently upgrade
your installation.
If you plan to run addUsers, removeUsers, assignRole, or unassignRole command, do not login using the OAuth refresh token. These commands require you to use basic authentication. All other commands work with OAuth 2.0 in OCI (Gen 2) environments.
Applies to
Planning, Planning Modules, FreeForm, Financial Consolidation and Close, Tax Reporting, Account Reconciliation, Profitability and Cost Management, Enterprise Profitability and Cost Management, Oracle Enterprise Data Management Cloud, Narrative Reporting, Sales Planning, and Strategic Workforce Planning.Required Roles
- Service Administrator
- Power User
- User
- Viewer
Usage
-
Using unencrypted password:
epmautomate login USERNAME PASSWORD URL [IDENTITYDOMAIN] [ProxyServerUserName=PROXY_USERNAME ProxyServerPassword=PROXY_PASSWORD ProxyServerDomain=PROXY_DOMAIN] ] [KeystorePassword=PASSWORD]
-
Using encrypted file:
epmautomate login USERNAME PASSWORD_FILE URL [IDENTITYDOMAIN] [ProxyServerUserName=PROXY_USERNAME] [
ProxyServerPassword
=PROXY_PASSWORD] [ProxyServerDomain=PROXY_DOMAIN] [KeystorePassword=KEYSTORE_PASSWORD]
In these commands:
USERNAME
is the user name of the user.PASSWORD
is the password of the user.PASSWORD_FILE
is the name and location of the file that stores the encrypted password or OAuth 2.0 refresh token of the user. See theencrypt
command.URL
is the base URL of the environment to which to connect. You may use a custom or vanity URL in place of the Oracle Enterprise Performance Management Cloud URL. See Using Vanity URLs in Getting Started with Oracle Enterprise Performance Management Cloud for AdministratorsNote:
If using an API gateway or reverse proxy, use its URL and the context defined for your environment in place of the EPM Cloud URL.IDENTITYDOMAIN
, optionally, is the identity domain of the environment.This value is derived automatically from the EPM Cloud URL; any value you specify is ignored. However, this value is required if you are using an API gateway or reverse proxy URL to connect to a Classic EPM Cloud environment.
ProxyServerUserName
is the user name to authenticate a secure session with the HTTP proxy server that controls access to the internet. Specify the user name without prefixing a domain name prefix. Required only if authentication at proxy server is enabled for your network.ProxyServerPassword
is the password to authenticate the user with the proxy server. Required only if authentication at proxy server is enabled for your network. This password can be encrypted. See theencrypt
command. If this password is encrypted, it is read from thePASSWORD_FILE
.ProxyServerDomain
is the name of the domain defined for the HTTP proxy server (not the server name or the proxy server host name). Required only if authentication at proxy server is enabled for your network and a proxy server domain is configured.KeystorePassword
, optionally, is the keystore password required for importing proxy server security certificate. Use this parameter only on Windows, and only if you are faced with the following errors in environments where a proxy server is being used to channel internet access:EPMAT-7: Unable to connect as few SSL certificates are missing in the keystore
EPMAT-7: Unable to connect as above-mentioned SSL certificates are missing in the keystore
Note:
EPM Automate detects and uses the HTTP/HTTPS proxy settings on your computer.EPM Automate supports the following authentication mechanisms to connect to the proxy server:
- Basic authentication
- Digest authentication
- Kerberos authentication
- Negotiate proxy authentication
- NTLM authentication
The available authentication method and its configuration depends on the proxy server you are using.
On Linux computers, if the proxy settings require you to authenticate with the proxy server, you must enter the proxy server domain, user name, and password as parameters to this command. Contact your network administrator for help with proxy server domain name and credentials.
Examples
- Using an unencrypted EPM Cloud password, no
proxy authentication:
epmautomate login serviceAdmin P@ssword1 https://test-cloud-pln.pbcs.us1.oraclecloud.com
- Using an encrypted file, no proxy authentication:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://test-cloud-pln.pbcs.us1.oraclecloud.com
- Using an encrypted file, if authentication at proxy server is enabled with server domain:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://test-cloud-pln.pbcs.us1.oraclecloud.com ProxyServerUserName=john.doe@example.com ProxyServerPassword=example ProxyServerDomain=example
- Using an encrypted file, if authentication at proxy server is enabled without a server domain:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://test-cloud-pln.pbcs.us1.oraclecloud.com ProxyServerUserName=john.doe@example.com ProxyServerPassword=example
- Using encrypted EPM Cloud and proxy server
password, if authentication at proxy server is enabled with a server
domain:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://test-cloud-pln.pbcs.us1.oraclecloud.com ProxyServerUserName=john.doe@example.com ProxyServerDomain=example
- Using encrypted EPM Cloud and proxy server
password, if authentication at proxy server is enabled without a server
domain:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://test-cloud-pln.pbcs.us1.oraclecloud.com ProxyServerUserName=john.doe@example.com
- Using an encrypted file with APIGEE API gateway:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://exampleapigee.apigee.com/epm example_ID_DOM
- Using a vanity URL:
epmautomate login serviceAdmin C:\mySecuredir\password.epw https://rebrand.ly/Automate