qacli auth

Authenticate the user on the remote results server.

Usage

auth  {-D|-V} [-U <[protocol://]host:port>] [-u <username>] [-p <password>] [-f <password-file>] [-t <application-token>] [-T <token-file>] [-x <days>] [-q] [--] [-h]

Extended Description

Results may be pushed up to a results server such as the legacy Helix QAC Dashboard or the Validate server. This command authenticates with one of these systems and returns a token that can be used in subsequent commands rather than continually specifying a username & password.

For connections to Helix QAC Dashboard the token is returned to stdout as a string.

For connections to Validate the token is stored as a file in the user’s filesystem. It is stored in the User Data Location and by default can be found here:

Windows: %LOCALAPPDATA%\Perforce\Helix-QAC-<version>/app/validate_ltoken
Linux: $HOME/.config/Perforce/Helix-QAC-<version>/app/validate_ltoken

This location can be overridden by setting the environment variable HELIX_QAC_LTOKEN. See Environment Variables for more details.

Additionally, Validate also supports modern authentication - refer to the Validate documentation for more details. This enables the user to authenticate using a third party provider. Validate can also generate timed limited Application Tokens. See the ‑‑token/‑‑token‑file options for more details.

Options

Name, shorthand	Default	Description
`‑‑dashboard, ‑D`		Authenticate with a Dashboard results server. The default behaviour is to return a token (as text) that will expire in 1 day. Use the `‑‑expire‑in` option to increase the expiry interval.
`‑‑expire‑in, ‑x`	1	Dashboard authentication token will expire after the specified number of days.
`‑‑help, ‑h`		Displays usage information and exits.
`‑‑ignore‑rest, ‑`		Ignores the rest of the labeled arguments following this flag.
`‑‑log‑out, ‑q`		Logout from the Validate results server i.e. remove the token from the users filesystem.
`‑‑password, ‑p`		Password to use on the results server.
`‑‑password‑file, ‑f`		A path to a file that contains a password. It should be appropriately protected.
`‑‑token, ‑t`		Use the supplied Validate application token.
`‑‑token‑file, ‑T`		A path to a file that contains an application token. It should be appropriately protected.
`‑‑url, ‑U`		URL of the results server. By default the http protocol is assumed. Examples include: `localhost:80`, `127.0.0.1:8080`, `https://prometheus:8888`
`‑‑username, ‑u`		Username to use on the results server.
`‑‑validate, ‑V`		Authenticate with a Validate results server. The default behavior is to return a token that is stored in the users filesystem. It will remain valid until a `‑‑log‑out` is issued.

Dashboard tokens expire and by default they last for 1 day.

Validate tokens do not expire and you should ‑‑log‑out when you are finished using them.

Examples

Login to a Validate Server

To login to a Validate server running on the host prometheus, issue a command such as:

qacli auth --validate --username trinity --password pa55word --url prometheus:8888

A zero return code indicates success and the token will be stored in the users filesystem.

Authenticate With a Validate Server Using an Application Token

To authenticate with a Validate server using an application token, first login to Validate's web interface and navigate to the Application Tokens screen. Choose Create a new application token, select an appropriate Expiry period, and click Create to generate the token.

Store the token in a safe, protected location. You can then use this token to authenticate from qacli with a command such as:

qacli auth --validate --url prometheus:8888 --token <long token string>

Alternatively, you can store the token in an appropriately protected file and authenticate using that file:

qacli auth --validate --url prometheus:8888 --token-file <token-filename>

Login to a Dashboard Server

To login to a Dashboard server, running on the host zion, using a password file that contains the password, issue a command such as:

qacli auth --dashboard --username trinity -–password-file my_creds --url zion:8080

A zero return code indicates success and the token will be returned to stdout.

Authenticate Using Modern Authentication

Assuming your Validate server has been configured to use a modern authentication service, you just need to try to authenticate using it:

qacli auth --validate --url matrix:8866

Initializing device authorization...
Enter the following code in your browser: 6E20-43F2
If a browser doesn't open please navigate to http://LM-21-3:8008/review/insight-review.html#device
Press Enter to continue...
Waiting for response...

A browser tab will open at the given URL and the user can then enter the token/pin.