Using an API Key or SSO to log in will require you to follow-up the login command with an explicit bw unlock if you will be working with Vault data directly. If your Organization requires SSO, you may alternatively use -apikey to log in to the CLI. You can string these factors together into a single command as in the following example, however this is not recommended for security reasons: bw login -method -code The CLI currently supports Two-step Login via authenticator, email, or Yubikey. This will initiate a prompt for your Email Address, Master Password, and ( if enabled) a Two-step Login code. To log in with email and password: bw login Logging in with email and password is recommended for interactive sessions. There are, however, a few commands that do not require your Vault to be decrypted, including config, encode, generate, update, and status. This is because your Master Password is the source of the key needed to decrypt Vault data. Using an API Key or SSO will require you to follow-up the login command with an explicit bw unlock if you will be working with Vault data directly. Logging in Using Email and Password uses your Master Password and can therefore string together the login and unlock commands to authenticate your identity and decrypt your Vault in tandem.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |