Configuration
To configure the CLI plugins, create a new directory in a location of your choice, and within it create a YAML file called config.yaml
with the following contents (including the information for the plugins you intend to use):
logging:
log_level: LEVEL
plugins:
auth0:
domain: DOMAIN
client-id: ID
client-secret: SECRET
json:
from-file: PATH_TO_FILE
to-file: PATH_TO_OUTPUT_FILE
aserto:
tenant: TENANT_ID
authorizer: AUTHORIZER
api-key: AUTHORIZER_API_KEY
okta:
domain: OKTA_DOMAIN
api-token: TOKEN
azuread:
tenant: AZUREAD_TENANT
client-id: AZUREAD_CLIENT_ID
client-secret: AZUREAD_CLIENT_SECRET
Configuration elements
General
log_level: the possible logging level values are: trace
, debug
, warning
and info
Auth0
note
These values should come from a machine-to-machine (M2M) application. To learn how to set one up in Auth0, refer to this guide.
note
- domain: Auth0 domain
- client-id: Auth0 client ID for a M2M application
- client-secret: Auth0 client secret for the same M2M application
JSON
- from-file: path to the JSON file users will be read from
- to-file: path to the JSON file users will be written to
Aserto
- tenant: the tenant ID for the account or organization
- authorizer: the address of your authorizer, appended with the port 8443. For example,
authorizer.prod.aserto.com:8443
- api-key: the Authorizer API key (you can obtain this from the Authorizer connection in the console)
Okta
- domain: the Okta machine-to-machine (M2M) Okta domain
- api-token: the Okta machine-to-machine (M2M) Client Secret
Entra / AzureAD
note
To get these values, navigate to the Azure Portal
=> Azure Active Directory
=> App Registrations
, locate your Azure AD app and select Certificates & Secrets
note
- tenant: the AzureAD tenant
- client-id: the AzureAD client ID
- client-secret: the AzureAD secret for the provided client ID