Service Tokens
StackState v6.0
Overview
Using Service tokens it's possible to authenticate to StackState without having an associated a user account. This is useful for situations where you want to use StackState from headless services like a CI server. In such a scenario you typically don't want to provision a user account in your identity provider.
Manage service tokens
Service tokens can be managed via the sts CLI. The following commands are available:
> sts service-token --help
Manage service tokens.
Usage:
sts service-token [command]
Available Commands:
create Create a service token
delete Delete a service token
list List service tokens
Use "sts service-token [command] --help" for more information about a command.Create service tokens
To create a service token in your instance of StackState, you can use the sts CLI.
This command takes the following command line arguments:
--name
The name of the service token
--expiration
The expiration date of the service token, the format is yyyy-MM-dd. The expiration is optional.
--roles
A comma separated list of roles to assign to the service token
For example, the command below will create a service token with the name my-service-token and the role stackstate-k8s-troubleshooter:
List service tokens
The ID, name, expiration date and roles of all created service tokens can be seen using the sts CLI. For example:
Delete service tokens
A service token can be deleted using the sts CLI. Pass the ID of the service token as an argument. For example:
Authenticating using service tokens
Once created, a service token can be used to authenticate to StackState from a headless service. To do this you can either use the CLI or directly talk to the API.
StackState sts CLI
sts CLIA service token can be used for authentication with the new sts CLI.
StackState APIs
To use a service token to talk directly to the StackState API, add it to the header of the request in one of the following ways:
In the
Authorizationheader:In the
X-API-Keyheader:
Last updated