Use cases involving the automatization of the interaction with the NAPPTIVE Playground such as CI integrations, or executions triggered by scripts are not possible with OAuth authentication mechanisms as there is no possibility to open a browser window, nor there is a user that can answer the OAuth challenge.
Personal Access Tokens (PAT) represent an alternative method to authenticate against the NAPPTIVE Playground using a programatic approach with HTTP requests. A user account can have several PAT associated to it.
- Playground tools are installed (kubectl & playground)
- A valid NAPPTIVE Playground account
$ playground login Login success
To generate a new token you can use the CLI with the following command:
$ playground user pat create ci_pat NAME TOKEN ci_pat <your token> Please store this value safely as it cannot be retrieved once generated. To login with this value, set the environment variable PLAYGROUND_PAT with the token, or save it to a file. Use 'playground login --pat' to log into the NAPPTIVE Playground without OAuth.
Alternatively, you can store the contents of the generated pat with:
$ playground user pat create test_pat --patFile /tmp/test_pat.dat You can use this Personal Access Token to log into the NAPPTIVE Playground using the following command: $ playground login --patFile /tmp/test_pat.dat
There are two methods to use PAT. First, you can set the environment variable
PLAYGROUND_PAT with the contents of the token, and execute:
$ playground login --pat Login success
Alternatively, you can load the PAT from a file using:
playground login --patFile /tmp/test_pat.dat Login success
After any of this, you can interact normally with the NAPPTIVE Playground using the
To list the tokens associated with your user account and check when they were last used, executed:
$ playground user pat list NAME LAST_LOGIN ci_pat 2021-04-06 18:16:28 +0200 CEST test_pat 2021-04-06 18:18:19 +0200 CEST
To remove/revoke a Personal Access Token use:
$ playground user pat delete mypat STATUS INFO SUCCESS Removed
Note that this operation removes the token from the system. Sessions that have already being negotiated using this token will not be invalidated.