aio-cli-plugin-cloudmanager
aio-cli-plugin-cloudmanager copied to clipboard
adobe
How to authenticate with aio for Oauth server-to-server credential (without browser authentication) like old/depreicated Service account(JWT) ?
Is your feature request related to a problem? Please describe. Earlier with JWT by running the following command we're able to communicate with cloud-manager without browser authentication.
aio config:set jwt-auth jwt.json --file --json
aio config:set jwt-auth.jwt_private_key private.key --file
aio config:set cloudmanager_programid
Now as per adobe, JWT feature is deprecated and we need to use Oauth server-to-server credential instead.
Describe the solution you'd like I'm suing this aio in one environment where browser based authentication is not possible. In this case how can I run the aio without browser authentication like deprecated JWT mention above ?
This feature request has already been raised by @kwin https://github.com/adobe/aio-cli-plugin-cloudmanager/issues/671
v6.4.0 already released https://www.npmjs.com/package/@adobe/aio-lib-ims/v/6.4.0
The docs have a lot of inconsistencies between all the different repos. Does anyone have a working example of this?
I found temporary solution which works for me:
- Install latest aio-cli-plugin-auth (3.2.1)
- Add to global ~/.config/aio file (take credentials from developer console):
{
aio-cli-telemetry: {
optOut: true,
clientId: COPY_YOUR_CLIENT_ID_HERE
},
cloudmanager_programid: "COPY_YOUR_PROGRAMID_HERE",
ims: {
contexts: {
aio-cli-plugin-cloudmanager: {
ims_org_id: "COPY_YOUR_IMS_ORG_ID_HERE",
client_id: "COPY_YOUR_CLIENT_ID_HERE",
client_secrets: [
"COPY_YOUR_SECRET_HERE"
],
technical_account_id: "COPY_YOUR_ACCOUNT_ID_HERE",
technical_account_email: "COPY_YOUR_ACCOUNT_EMAIL_HERE",
scopes: [
"COPY_YOUR_SCOPES_HERE"
],
}
},
config: {
current: "aio-cli-plugin-cloudmanager"
}
}
}
- Run
aio auth login(access_token will be added to ~/.config/aio file) - Verify cloud manager plugin's command:
aio cloudmanager:list-programs
@lszajek,
I tried this. But when I'm trying to call aio auth login its again redirecting to browser for authentication.
Did you check the version of aio-cli-plugin-cloudmanager plugin? It seems that v4.1.0 has fixed that. And make sure that you have OAuth Server-to-Server credentials set at developer console.
This worked for me (i used a config.json file instead of a .yaml file), thanks @lszajek. Can this be documented here: https://developer.adobe.com/developer-console/docs/guides/authentication/
I created my config file by searching my projects credentials in cloud manager - is there an eaiser way to get this information?
This worked for me (i used a config.json file instead of a .yaml file), thanks @lszajek. Can this be documented here: https://developer.adobe.com/developer-console/docs/guides/authentication/
I created my config file by searching my projects credentials in cloud manager - is there an eaiser way to get this information?
looks like executing this aio auth login is not needed, as i'm able to execute aio cloudmanager:pipeline:create-execution xxxx --emergency succesfully without running "auth login"
I am having same issue in aio-cli v9.3.0
command: aio auth login -v -c=pipeline
json file:
{ "ims": { "config": { "current": "pipeline" }, "contexts": { "pipeline": { "client_id": "XXXXXXXXXXX", "client_secrets": ["XXXXXXXXXXXXXX"], "ims_org_id": "XXXXXXXXXX@AdobeOrg", "technical_account_id": "[email protected]", "technical_account_email": "[email protected]", "scopes": ["AdobeID openid read_organizations additional_info.projectedProductContext additional_info.roles adobeio_api read_client_secret manage_client_secrets"], "state": "" } } } }
Please suggest me to address this issue ?
I too, have an issue using OAuth2 with the cloudmanager plugin.
These are my versions:
$ aio plugins
@adobe/aio-cli-plugin-aem-rde 1.1.0
@adobe/aio-cli-plugin-cloudmanager 4.1.0
$ aio --version
@adobe/aio-cli/9.4.1 wsl-x64 node-v16.20.2
And I have this set up ~/.config/aio (thank you @lszajek. )
ims: {
contexts: {
aio-cli-plugin-cloudmanager: {
ims_org_id: "XXX",
grant_type: "client_credentials",
client_id: "XXX",
client_secrets: [
"XXX"
],
technical_account_id: "XXX",
technical_account_email: "XXX",
scopes: [
"openid",
"AdobeID",
"read_organizations",
"additional_info.projectedProductContext",
"read_pc.dma_aem_ams"
],
}
},
config: {
current: "aio-cli-plugin-cloudmanager"
}
}
Login works perfectly. When I do aio auth:login I get a key returned and added to my configuration. However, cloudmanager still seems to be looking for parameters related to JWT.
$ aio cloudmanager:list-programs
› Error: [CloudManagerCLI:IMS_CONTEXT_MISSING_FIELDS] One or more of the required fields in
› ims.contexts.aio-cli-plugin-cloudmanager were not set. Missing keys were client_secret, meta_scopes,
› private_key.
› Code: IMS_CONTEXT_MISSING_FIELDS
@mstuart2-dxc I also had such a problem after upgrading aio-cli-plugin-cloudmanager to 4.1.0 and temporary resolved it by disabling prerun hook in package.json. Just rename "prerun": "./src/hooks/prerun/prerun-all.js" to "__prerun": "./src/hooks/prerun/prerun-all.js" in aio-cli-plugin-cloudmanager package.json file. I have this file here: ~/.local/share/@adobe/aio-cli/node_modules/@adobe/aio-cli-plugin-cloudmanager/package.json
:tada: This issue has been resolved in version 4.2.0 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}