Pydio Documentation Library

Deploy, administrate & extend Pydio

Pydio v8

cells-enterprise admin user token

./cells-enterprise admin user token

Generate a personal token for a user

Synopsis

DESCRIPTION

Generate a personal authentication token for a user. Expiration can be set in two ways:
+ A hard limit, by using the -e flag (duration) + A sliding window by using the -a flag (duration): in that case the token expiration will be refreshed each time the token is used (e.g a request using this token is received).

EXAMPLES

Generate a token that lasts 24 hours for user admin $ ./cells-enterprise admin user token -u admin -e 24h

Generate a token that lasts by default 10mn, but which expiration is refreshed to the next 10mn each time the token is used. $ ./cells-enterprise admin user token -u admin -a 10m

TOKEN USAGE

These token can be used in replacement of an OAuth2-based access token: they can replace the "Bearer" access token when calling any REST API. They can also be used as the password (in conjunction with username) for all basic-auth based APIs (e.g. webDAV).

TOKEN SCOPE

By default, generated tokens grant the same level of access as a standard login operation. To improve security, it is possible to restrict these accesses to a specific file or folder (given it is accessible by the user in first place) with a "scope" in the format "node:NODE_UUID:PERMISSION" where PERMISSION string contains either "r" (read) or "w" (write) or both.

./cells-enterprise admin user token [flags]

Options

  -a, --auto string     Auto-refresh expiration when token is used. Format is 20u where u is a unit: s (second), (minute), h (hour), d(day).
  -e, --expire string   Expire after duration. Format is 20u where u is a unit: s (second), (minute), h (hour), d(day).
  -h, --help            help for token
  -q, --quiet           Only return the newly created token value (typically useful in automation scripts with a short expiry time)
  -s, --scope strings   Optional scopes
  -u, --user string     User login (mandatory)

Options inherited from parent commands

      --broker string                           Pub/sub service for events between services (currently nats only) (default "memory")
      --nats_address string                     NATS server address (default ":4222")
      --nats_cluster_address string             NATS server cluster address
      --nats_cluster_routes string              NATS server cluster routes
      --nats_monitor_port int                   Expose nats monitoring endpoints on a given port (default 8222)
      --nats_streaming_cluster_bootstrap        NATS streaming bootstrap cluster
      --nats_streaming_cluster_id string        NATS streaming cluster ID (default "cells")
      --nats_streaming_cluster_node_id string   NATS streaming cluster node id
      --nats_streaming_cluster_peers string     NATS streaming list of cluster peers
      --nats_streaming_clustered                NATS streaming clustered
      --nats_streaming_store string             NATS streaming store type (default "MEMORY")
      --port_broker int                         Port used to start a broker discovery service (default 8003)
      --port_registry int                       Port used to start a registry discovery service (default 8000)
      --registry string                         Registry used to manage services (currently nats only) (default "memory")
      --transport string                        Transport protocol for RPC (default "grpc")

SEE ALSO

Auto generated by Pydio Cells Enterprise Distribution v3.0.2 on 11-Nov-2021
Back to top