onelogin-aws-cli icon indicating copy to clipboard operation
onelogin-aws-cli copied to clipboard

Published 20 hours ago verified publisher icon physera

Allow passing OTP token through command line

Open entropitor opened this issue 5 years ago • 3 comments

Expected Behavior

It would be nice if we could pass the OTP token (and the otp_device) through the CLI args / env variable (so e.g. you can run a script to get a token an pass it to this tool, without needing interactive input)

Current Behavior

Interactive prompt where it's not using the actual name of the OTP device but the type (e.g. I get twice Google Authenticator even though I gave them different names)

Possible Solution

Allow passing token and otp device through CLI

Context (Environment)

Allow hooking 1password-cli with this tool to not have to copy paste the token

entropitor avatar Jul 30 '20 08:07 entropitor

You can set otp_device via the similarly named config parameter.

Would it work to do something like: generate_token.sh | onelogin-aws-login

slycoder avatar Jul 31 '20 03:07 slycoder

@slycoder That would work.

Regarding the device, the problem is that I get this prompt (and I want the 2nd one), setting the otp_device to "Google Authenticator" picks the wrong one

image

entropitor avatar Jul 31 '20 09:07 entropitor

Each device has a deviceId that you could use to differentiate: https://developers.onelogin.com/api-docs/2/saml-assertions/generate-saml-assertion

vandycknick avatar Jul 31 '20 10:07 vandycknick