Your organization uses a federated identity provider to login to your Oracle Cloud Infrastructure (OCI) environment. As a developer, you are writing a script to automate some operation and want to use OCI CLI to do that. Your security team doesn’t allow storing private keys on local machines.
How can you authenticate with OCI CLI?
How can you authenticate with OCI CLI?
Correct Answer: C
Token-based authentication for the CLI:
Token-based authentication for the CLI allows customers to authenticate their session interactively, then use the CLI for a single session without an API signing key. This enables customers using an identity provider that is not SCIM-supported to use a federated user account with the CLI and SDKs.
Starting a Token-based CLI Session
To use token-based authentication for the CLI on a computer with a web browser:
1. In the CLI, run the following command. This will launch a web browser.
oci session authenticate
2. In the browser, enter your user credentials. This authentication information is saved to the .config file.
Validating a Token
To verify that a token is valid, run the following command:
oci session validate –config-file <path_to_config_file> –profile <profile_name> –auth security_token You should receive a message showing the expiration date for the session. If you receive an error, check your profile settings.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/API/SDKDocs/clitoken.htm
Token-based authentication for the CLI allows customers to authenticate their session interactively, then use the CLI for a single session without an API signing key. This enables customers using an identity provider that is not SCIM-supported to use a federated user account with the CLI and SDKs.
Starting a Token-based CLI Session
To use token-based authentication for the CLI on a computer with a web browser:
1. In the CLI, run the following command. This will launch a web browser.
oci session authenticate
2. In the browser, enter your user credentials. This authentication information is saved to the .config file.
Validating a Token
To verify that a token is valid, run the following command:
oci session validate –config-file <path_to_config_file> –profile <profile_name> –auth security_token You should receive a message showing the expiration date for the session. If you receive an error, check your profile settings.
References:
https://docs.cloud.oracle.com/en-us/iaas/Content/API/SDKDocs/clitoken.htm