kubelogin icon indicating copy to clipboard operation
kubelogin copied to clipboard

Published 20 hours ago verified publisher icon int128

Force refresh token

Open Xartos opened this issue 3 years ago • 0 comments

Purpose of the feature (why)

When the cluster for some reason looses the ability to validate your token and you get something like:

error: You must be logged in to the server (Unauthorized)
exit status 1

Often times you can fix this by just delete the cached token in the ~/.kube/cache/oidc-login/ folder. However if you login to multiple clusters it can be hard to know exactly what token to delete and if you delete all of them, then you'll need to login again on all clusters.

It would be nice to have a simple way of removing the token for a particular cluster

Your idea (how)

Add a subcommand to make it easy to list all cached tokens and to be able to delete them.

Something like:

$ kubectl oidc-login get token
ISSUER                      EMAIL
https://issuer.example      [email protected]

$ kubectl oidc-login delete token https://issuer.example
Token deleted

Or something like that.

The best thing would be to have such a flag directly in kubectl so that you would be able to run kubectl get pod --force-relogin but I guess that that isn't possible on your end.

Xartos avatar Nov 02 '21 15:11 Xartos