vhsm login

Learn to authenticate users to vHSM server.

The vhsm login command authenticates users to vHSM using the provided credentials. A successful login generates a token, which functions similarly to a session token on a website. By default, this token is cached on the local machine for future use.

Usage

vhsm login [options] [TOKEN]

If no token is provided, authentication defaults to the token method and prompts for a token input.
Other authentication methods (such as userpass, github, or cert) can be specified using the -method flag.
If an authentication method is enabled at a non-standard path, use -path to specify it.

Examples

vhsm login

Input Prompt

Token (will be hidden):

Output

Success! You are now authenticated. The token information displayed below is
already stored in the token helper. You do NOT need to run "vhsm login" again.
Future vHSM requests will automatically use this token.

Key                  Value
---                  -----
token                s.2f3c5L1MHtnqbuNCbx90utmC
token_accessor       JLUIXJ6ltUftTt2UYRl2lTAC
token_duration       ∞
token_renewable      false
token_policies       ["root"]
identity_policies    []
policies             ["root"]

vhsm login s.3jnbMAKl1i4YS3QoKdbHzGXq

Output

Success! You are now authenticated. The token information displayed below is
already stored in the token helper. You do NOT need to run "vhsm login" again.
Future vHSM requests will automatically use this token

Key                  Value
---                  -----
token                s.3jnbMAKl1i4YS3QoKdbHzGXq
token_accessor       7Uod1Rm0ejUAz77Oh7SxpAM0
token_duration       767h59m49s
token_renewable      true
token_policies       ["admin" "default"]
identity_policies    []
policies             ["admin" "default"]

vhsm login -method=userpass username=my-username

Input Prompt

Password (will be hidden):

Output

Success! You are now authenticated. The token information displayed below is
already stored in the token helper. You do NOT need to run "vhsm login" again.
Future vHSM requests will automatically use this token.

Key                    Value
---                    -----
token                  s.2f3c5L1MHtnqbuNCbx90utmC
token_accessor         JLUIXJ6ltUftTt2UYRl2lTAC
token_duration         768h
token_renewable        true
token_policies         ["default"]
identity_policies      []
policies               ["default"]
token_meta_username    my-username

vhsm login -method=github -path=github-prod

Output

Success! You are now authenticated. The token information displayed below is
already stored in the token helper. You do NOT need to run "vhsm login" again.
Future vHSM requests will automatically use this token.
stored in the token helper. Future requests will use this token automatically.

Key                    Value
---                    -----
token                  s.2f3c5L1MHtnqbuNCbx90utmC
token_accessor         JLUIXJ6ltUftTt2UYRl2lTAC
token_duration         768h
token_renewable        true
token_policies         ["default"]
identity_policies      []
policies               ["default"]
token_meta_org         hashicorp
token_meta_username    my-username

Command Options

Option

Type

Description

-method

<string>

Specifies the authentication method (e.g., userpass, ldap). Defaults to token.

-path

<string>

Specifies the remote vHSM path where the auth method is enabled. Defaults to the method name (e.g., userpass -> userpass/).

-no-print

<boolean>

Prevents the token from being displayed. The token is still stored in the configured token helper.

-no-store

<boolean>

Prevents the token from being saved for future requests. It will only be displayed in the command output.

-token-only

<boolean>

Outputs only the token without verification (equivalent to -field=token -no-store).

Output Options

Option

Type

Description

-field

<string>

Prints only a specific field (e.g., token) in the format specified by -format.

-format

<string>

Specifies output format: table, json, or yaml. Default: table. (VAULT_FORMAT environment variable can be used.)

PreviousAuthentication and Authorization Nextvhsm auth

Last updated 9 months ago

Was this helpful?

Usage

Examples

1. Login Using the default token method

2. Login using a token from the command line

3. Login using the userpass authentication method

4. Login using the github authentication method at a custom path

Command Options

Output Options

3. Login using the `userpass` authentication method

4. Login using the `github` authentication method at a custom path