...
This authentication type is mostly used as part of OAuth 2.0 authentication flow.
At first you need your client needs to obtain the Bearer token from an OAuth2 exchange flow on an OAuth2 server where the login credentials will be exchanged to a Bearer token. How this is done is out of the Then you can use this Bearer token in the HTTP header to authenticate PIPEFORCE command and other endpoint calls.
This approach needs good knowledge how OAuth2 works which is out of scope of this documentation. Please refer to your OAuth2 service for more information here.Then
Once you finally have obtained the access token form your OAuth2 exchange flow, you can set the it as Bearer token like this:
| Code Block |
|---|
authorization: Bearer <token> |
Here is an example of how you can could obtain the Bearer access token from the PIPEFORCE IAM service :for the client-id pipeforce.
| Code Block |
|---|
export TOKEN_RESPONSE=`curl -X POST --location "https://iam-<ns>.pipeforce.net/auth/realms/<ns>/protocol/openid-connect/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=password&client_id=pipeforce&username=<username>&password=<password>&scope=pipeforce"`
export PIPEFORCE_ACCESS_TOKEN=`echo $TOKEN_RESPONSE | jq -r '.access_token'`
curl "https://hub-<ns>.pipeforce.net/api/v3/command/..." -H -H "authorization: Bearer ${PIPEFORCE_ACCESS_TOKEN}" |
In case you need to setup a custom OAuth2 client-id and secret in PIPEFORCE IAM, please contact support since they will setup and maintain this for you.
RunAs Authentication​
This is not really an authentication method since it switches from an already successfully authenticated user to another user in case the user has the permission to do so.
...