chef-platform-auth-cli reference
chef-platform-auth-cli
Chef Platform auth CLI
Synopsis
Chef Platform auth CLI is use to get authenticate
Options
-h
--help
help for chef-platform-auth-cli
Default value:
false
chef-platform-auth-cli authz
Commands for node account
Synopsis
Commands for managing node account
Options
-h
--help
help for authz
Default value:
false
See also
chef-platform-auth-cli authz policy
Commands related to policy
Options
-h
--help
help for policy
Default value:
false
See also
- chef-platform-auth-cli authz
- chef-platform-auth-cli authz policy create-policy
- chef-platform-auth-cli authz policy delete-policy
- chef-platform-auth-cli authz policy disable-policy
- chef-platform-auth-cli authz policy enable-policy
- chef-platform-auth-cli authz policy get-policy
- chef-platform-auth-cli authz policy list-policy
- chef-platform-auth-cli authz policy test-policy
- chef-platform-auth-cli authz policy update-policy
chef-platform-auth-cli authz policy create-policy
create a policy under the current organization
Synopsis
Summary:
This operation will create a new user-defined policy under current organization. Policies allow access to API end-points based upon routing rules and enforced by the API gateway. Policies do not enforce attribute based access rules (ABAC) inside a domain on an object (e.g. User A can execute courier job 1234).
Note:
This method will always result in a Policy which is defined by “User”
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
409 (Conflict)
Policy name already exist in this organizational unit
422 (Unprocessable Content)
The policy does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy create-policy [flags]
Options
--body
The policy to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for create-policy
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy delete-policy
Delete a policy
Synopsis
Summary:
This operation will delete an existing policy under current org.
Note:
This method will only allow deleting of user-defined policies
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
Policy doesn’t exist in this organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not deleted.
423 (Locked)
Policy is not a user-defined Policy and thus can not be deleted
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy delete-policy [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-policy
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy disable-policy
Disable a policy in the current organization
Synopsis
Summary:
Use this operation when there is a need to disable a policy. This will deactivate the policy enforcement.
Note:
This operation can only be used to disable an already enabled User policy.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The policy requested does not exist in the organization
409 (Conflict)
Expect this error code if the policy is already disabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
Policy is not a User policy
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy disable-policy [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-policy
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy enable-policy
Enable a policy in the current organization
Synopsis
Summary:
Use this operation to enable a disabled policy. This will enable enforcement of the policy.
Note:
This operation can only be used to enable an already disabled User policy.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The policy requested does not exist in the organization
409 (Conflict)
Expect this error code if the policy is already enabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
Policy is not a user-defined policy
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy enable-policy [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-policy
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy get-policy
Get details of a policy
Synopsis
Summary:
Use this operation to get details of a user-defined policy or a system defined policy in the organization
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The policy requested does not exist in the organization and neither a system policy
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy get-policy [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-policy
Default value:
false
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy list-policy
List policies
Synopsis
Summary:
This operation will search for user-defined policies registered in the current organization and system policies
Note:
Unless definedBy is specified this will default to limiting results to user defined policies
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy list-policy [flags]
Options
--action
the policy must contain a statement with this action
--definedBy
who defined the policy
Default value:
user
--description
A partial match against the description of a Policy
--format
to print response in format
Default value:
json
-h
--help
help for list-policy
Default value:
false
--name
A partial match against the name of a Policy
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--route
the policy must contain a statement with a partial match of this text in the route
--status
The Status of the policies to filter by
--text
A partial match against the name or description of a Policy
--verb
the policy must contain a statement with this verb
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy test-policy
Test a policy
Synopsis
Summary:
This operation can be used to sumbit an array of routes and HTTP verb to test a policy
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The policy requested is neither a system policy; nor it exists in the organization
422 (Unprocessable Content)
The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy test-policy [flags]
Options
--body
Array of URIs to test
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for test-policy
Default value:
false
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz policy update-policy
Update a policy
Synopsis
Summary:
This operation will update an existing policy under current org.
Note:
This method will only allow updating of user-defined policies
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
Policy doesn’t exist in this organization
409 (Conflict)
Policy name already exist in this organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
422 (Unprocessable Content)
The policy does not meet the validation requirements. Reference the errors in the response for more details.
423 (Locked)
Policy is not a user-defined Policy and thus can not be updated
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz policy update-policy [flags]
Options
--body
The policy details to be updated
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for update-policy
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role
Commands related to role
Options
-h
--help
help for role
Default value:
false
See also
- chef-platform-auth-cli authz
- chef-platform-auth-cli authz role assign-policies
- chef-platform-auth-cli authz role assign-policy
- chef-platform-auth-cli authz role create-role
- chef-platform-auth-cli authz role delete-policy
- chef-platform-auth-cli authz role delete-role
- chef-platform-auth-cli authz role disable-role
- chef-platform-auth-cli authz role enable-role
- chef-platform-auth-cli authz role find-role
- chef-platform-auth-cli authz role get-policy
- chef-platform-auth-cli authz role get-role
- chef-platform-auth-cli authz role list-policies
- chef-platform-auth-cli authz role modify-policies
- chef-platform-auth-cli authz role test-role
- chef-platform-auth-cli authz role update-role
chef-platform-auth-cli authz role assign-policies
Create role and assign specified policies to the role.
Synopsis
Summary:
If the role with the provided name already exists,the API will assign the specified policies to the role as a final set of policies. If the provided role does not exist, the API will create the role and assign the specified policies to the role as a final set of policies.
Errors
404 (Not Found)
The policy you requested does not exist.
422 (Policy validation failed)
The policy is a system defined policy not a user defined policy.
423 (Locked)
The role or policy is disabled.
401 (Unauthorized)
The credential used to access this resource is invalid or expired.
403 (Forbidden)
A user with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected errors occurred while requesting this resource.
503 (Service Unavailable)
The request service is not responsive.
Usage
chef-platform-auth-cli authz role assign-policies [flags]
Options
--body
Policies to be assigned to the role
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for assign-policies
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role assign-policy
Assign a user-defined policy to user-defined role in the current organization
Synopsis
Summary:
This operation will assign a user-defined policy to the given user-defined role in the current organization
Note:
This method will only allow assigning a user-defined policy to a user-defined role
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role you requested does not exist in the organization
409 (Conflict)
The policy is already assigned to this role
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
The requested role is not a user managed role
423 (Locked)
The policy is not a user-defined policy
423 (Locked)
The requested role is disabled
423 (Locked)
The requested policy is disabled
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role assign-policy [flags]
Options
--body
policy to add
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for assign-policy
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role create-role
Create a role under current organization
Synopsis
Summary:
This operation will create a new Role. Roles are assigned to one or more policies. Policies allow access to API end-points based upon routing rules and enforced by the API gateway. Users can then assign the roles, when a user logs into a tenant and selects an organization, they must choose a role.
Note:
This method will always result in a Role which is user-defined and meant for “user”. Role meant for “node” can not be created with this api.
Errors
400 (Bad Request)
Invalid schema for request.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
409 (Conflict)
Role name already exist in this organizational unit.
422 (Unprocessable Content)
The role does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role create-role [flags]
Options
--body
The role to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for create-role
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role delete-policy
Detach a user-defined policy from a user-defined role
Synopsis
Summary:
Use this operation to remove a policy from a role.
Note:
This method will only allow detaching of user-defined policies from a User defined role in the current organization.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role you requested does not exist in the organization
409 (Conflict)
The policy requested is not attached to the role
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
Role is not a User defined role
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role delete-policy [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-policy
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role delete-role
Delete a role
Synopsis
Summary:
Use this operation to remove a role. This will prevent all users from selecting this role upon login or when switching roles.
WARNING If a user is currently using a role when the cache expires (invalidated) the user will be prevented from performing any actions until they log out and log in again.
Note:
This method will only allow deleting of User defined roles
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role requested does not exist in the organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
Role is not a User managed role
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role delete-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role disable-role
Disable a role in the current organization
Synopsis
Summary:
Use this operation when there is need to disable a role for all assigned users. This will prevent all users from selecting this role upon login, or changing to the role.
WARNING If a user is currently using a role when the cache expires (invalidated) the user will be prevented from performing any actions until they log out and log in again.
Note:
This method will only allow disabling of User or System roles. Service roles can not be disabled using this method.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role was not found
409 (Conflict)
Role is already disabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
Role is not a User managed role
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role disable-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role enable-role
Enable a user-defined role in the current organization
Synopsis
Summary:
Use this operation to enable a disabled role.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role you requested does not exist in the organization
409 (Conflict)
the role is already enabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
Role is not a User managed role
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role enable-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role find-role
List roles
Synopsis
Summary:
This operation will list all user-defined roles under the current organization and the system defined roles.
Note:
Unless definedBy is specified this will default to limiting results to user-defined roles only
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role find-role [flags]
Options
--definedBy
who defined the role
Default value:
user
--description
A partial match against the description of a Role
--filterByIds
List of role ids to filter by
Default value:
[]
--format
to print response in format
Default value:
json
-h
--help
help for find-role
Default value:
false
--level
at what level can this role be used
Default value:
org
--meantFor
to whom this role can be assigned
Default value:
user
--name
The name of the role
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--status
The Status of the roles to filter by
Default value:
enabled
--text
A partial match against the name or description of a role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role get-policy
Get details of a policy assigned to the role
Synopsis
Summary:
Use this operation to get details of a policy assigned to the role. The role can be a system defined role or a custom role in the current organization.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role you requested is neither a system defined role nor it exists in the current organization
404 (Not Found)
The policy requested is not attached to the role
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role get-policy [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-policy
Default value:
false
--policyId
ID of a Policy
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role get-role
Get details of a role
Synopsis
Summary:
Use this operation to get details of a user-defined role in the organization or any system defined role
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role requested does not exist in the organization and neither a system-defined role
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role get-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-role
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role list-policies
List all policies attached to a role
Synopsis
Summary:
This operation will list all policies attached to the given role. The role can be a system defined role or a custom role in the current organization.
Note:
- Unless roleStatus is specified it will be considered as enabled(default) and we will check if the role is enabled.
- Unless policyStatus is specified it will be considered as enabled(default) it will get all policies which are enabled. If it’s specified as all it gets all policies irrespective of their status.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
404 (Not Found)
The role you requested is neither a system defined role nor it exists in the current organization.
404 (Not Found)
The roleStatus is sent as disabled but the role is not disabled. So the given role doesn’t match the status criteria and hence not found
423 (Locked)
The roleStatus is sent as enabled but the role is disabled. Then this API should not return the associated policies.
Usage
chef-platform-auth-cli authz role list-policies [flags]
Options
--expand
Expand the policies
Default value:
false
--format
to print response in format
Default value:
json
-h
--help
help for list-policies
Default value:
false
--policyStatus
The Status of the policies to filter by
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--roleStatus
The Status of the roles to filter by
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role modify-policies
Assign specified policies to the role.
Synopsis
Summary:
The API will assign the specified policies to the role as a final set of policies.
Errors
404 (Not Found)
The policy or role you requested does not exist.
422 (Policy validation failed)
The policy or role is a system defined policy not a user defined policy.
423 (Locked)
The role or policy is disabled.
401 (Unauthorized)
The credential used to access this resource is invalid or expired.
403 (Forbidden)
A user with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected errors occurred while requesting this resource.
503 (Service Unavailable)
The request service is not responsive.
Usage
chef-platform-auth-cli authz role modify-policies [flags]
Options
--body
Policies to be attached or detached to the role
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for modify-policies
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role test-role
Test a role
Synopsis
Summary:
This operation can be used to test access to a route and method against a given role
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role requested is neither a system role; nor it exists in the organization
422 (Unprocessable Content)
The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role test-role [flags]
Options
--body
An URI and HTTP method to test
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for test-role
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli authz role update-role
Update a role
Synopsis
Summary:
This operation will update an existing role under current org.
Note:
This method will only allow updating of user-defined roles
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
Role doesn’t exist in this organization
409 (Conflict)
Role name already exist in this organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
422 (Unprocessable Content)
The role does not meet the validation requirements. Reference the errors in the response for more details.
423 (Locked)
Role is not a user-defined role and thus can not be updated
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli authz role update-role [flags]
Options
--body
The role details to be updated
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for update-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli completion
Generate the autocompletion script for the specified shell
Synopsis
Generate the autocompletion script for chef-platform-auth-cli for the specified shell. See each sub-command’s help for details on how to use the generated script.
Options
-h
--help
help for completion
Default value:
false
See also
- chef-platform-auth-cli completion bash
- chef-platform-auth-cli completion fish
- chef-platform-auth-cli completion powershell
- chef-platform-auth-cli completion zsh
chef-platform-auth-cli completion bash
Generate the autocompletion script for bash
Synopsis
Generate the autocompletion script for the bash shell.
This script depends on the ‘bash-completion’ package. If it is not installed already, you can install it via your OS’s package manager.
To load completions in your current shell session:
source <(chef-platform-auth-cli completion bash)
To load completions for every new session, execute once:
Linux:
chef-platform-auth-cli completion bash > /etc/bash_completion.d/chef-platform-auth-cli
macOS:
chef-platform-auth-cli completion bash > $(brew --prefix)/etc/bash_completion.d/chef-platform-auth-cli
You will need to start a new shell for this setup to take effect.
completion-bash package
You must have the bash-completion package installed on your workstation to run the completion bash
subcommand.
To install and configure the package, see the Chef 360 Platform CLI documentation.
Usage
chef-platform-auth-cli completion bash
Options
-h
--help
help for bash
Default value:
false
--no-descriptions
disable completion descriptions
Default value:
false
See also
chef-platform-auth-cli completion fish
Generate the autocompletion script for fish
Synopsis
Generate the autocompletion script for the fish shell.
To load completions in your current shell session:
chef-platform-auth-cli completion fish | source
To load completions for every new session, execute once:
chef-platform-auth-cli completion fish > ~/.config/fish/completions/chef-platform-auth-cli.fish
You will need to start a new shell for this setup to take effect.
Usage
chef-platform-auth-cli completion fish [flags]
Options
-h
--help
help for fish
Default value:
false
--no-descriptions
disable completion descriptions
Default value:
false
See also
chef-platform-auth-cli completion powershell
Generate the autocompletion script for powershell
Synopsis
Generate the autocompletion script for powershell.
To load completions in your current shell session:
chef-platform-auth-cli completion powershell | Out-String | Invoke-Expression
To load completions for every new session, add the output of the above command to your powershell profile.
Usage
chef-platform-auth-cli completion powershell [flags]
Options
-h
--help
help for powershell
Default value:
false
--no-descriptions
disable completion descriptions
Default value:
false
See also
chef-platform-auth-cli completion zsh
Generate the autocompletion script for zsh
Synopsis
Generate the autocompletion script for the zsh shell.
If shell completion is not already enabled in your environment you will need to enable it. You can execute the following once:
echo "autoload -U compinit; compinit" >> ~/.zshrc
To load completions in your current shell session:
source <(chef-platform-auth-cli completion zsh)
To load completions for every new session, execute once:
Linux:
chef-platform-auth-cli completion zsh > "${fpath[1]}/_chef-platform-auth-cli"
macOS:
chef-platform-auth-cli completion zsh > $(brew --prefix)/share/zsh/site-functions/_chef-platform-auth-cli
You will need to start a new shell for this setup to take effect.
Usage
chef-platform-auth-cli completion zsh [flags]
Options
-h
--help
help for zsh
Default value:
false
--no-descriptions
disable completion descriptions
Default value:
false
See also
chef-platform-auth-cli deregister-device
De-register a device
Synopsis
Use this operation to de-register a device
Usage
chef-platform-auth-cli deregister-device [flags]
Options
--force
force remove profile from local list of profiles, even on error from server
Default value:
false
-f
--format
to print response in format
Default value:
json
-h
--help
help for deregister-device
Default value:
false
--profile
name for the profile of the new api-token
Default value:
default
-v
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli get-default-profile
Get default profile for request
Usage
chef-platform-auth-cli get-default-profile [flags]
Options
-h
--help
help for get-default-profile
Default value:
false
See also
chef-platform-auth-cli license-management
Commands for license management
Synopsis
Commands for managing license management
Options
-h
--help
help for license-management
Default value:
false
See also
- chef-platform-auth-cli license-management asset
- chef-platform-auth-cli license-management entitlement
- chef-platform-auth-cli license-management feature
- chef-platform-auth-cli license-management license
chef-platform-auth-cli license-management asset
Commands related to asset
Options
-h
--help
help for asset
Default value:
false
See also
- chef-platform-auth-cli license-management
- chef-platform-auth-cli license-management asset get-asset
- chef-platform-auth-cli license-management asset list-assets
chef-platform-auth-cli license-management asset get-asset
Get the Asset details
Synopsis
Summary:
Use this operation to get the asset details based on the given license ids and AssetId or AssetName.
Errors
400 (Bad Request)
The licenses do not exist in the tenant
402 (License not entitled)
The licenses are all disabled
422 (Unprocessable Content)
Both Asset Id and Asset Name cannot be blank
422 (Unprocessable Content)
Either Asset Id or Asset Name should be given; Not both
Usage
chef-platform-auth-cli license-management asset get-asset [flags]
Options
--assetId
Asset id to fetch the details
--assetName
Asset name to fetch the details
--format
to print response in format
Default value:
json
-h
--help
help for get-asset
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management asset list-assets
Get all assets
Synopsis
Summary:
Use this operation to list all the Assets for the given license Id(s)
Errors
404 (Not Found)
The license(s) do not exist in the tenant
Usage
chef-platform-auth-cli license-management asset list-assets [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-assets
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management entitlement
Commands related to entitlement
Options
-h
--help
help for entitlement
Default value:
false
See also
- chef-platform-auth-cli license-management
- chef-platform-auth-cli license-management entitlement get-entitlement
- chef-platform-auth-cli license-management entitlement list-entitlements
chef-platform-auth-cli license-management entitlement get-entitlement
Get the Entitlement details
Synopsis
Summary:
Use this operation to get the entitlement details based on the given license ids, quantity, date and the Entitlement Id.
Errors
400 (Bad Request)
The licenses do not exist in the tenant
402 (License not entitled)
The licenses are all disabled
422 (Unprocessable Content)
Both Entitlement Id and Entitlement Name cannot be blank
422 (Unprocessable Content)
Either Entitlement Id or Entitlement Name should be given
Usage
chef-platform-auth-cli license-management entitlement get-entitlement [flags]
Options
--date
date to validate the license entitlement (format :- YYYY-MM-DD)
--entitlementId
Entitlement id to fetch the details
--entitlementName
Entitlement name to fetch the details
--format
to print response in format
Default value:
json
-h
--help
help for get-entitlement
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--quantity
quantity of entitlement
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management entitlement list-entitlements
Get all entitlements
Synopsis
Summary:
Use this operation to list all the Entitlements for the given license Id(s)
Errors
400 (Bad Request)
The licenses do not exist in the tenant
Usage
chef-platform-auth-cli license-management entitlement list-entitlements [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-entitlements
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management feature
Commands related to feature
Options
-h
--help
help for feature
Default value:
false
See also
- chef-platform-auth-cli license-management
- chef-platform-auth-cli license-management feature get-feature
- chef-platform-auth-cli license-management feature list-features
chef-platform-auth-cli license-management feature get-feature
Get the Feature details
Synopsis
Summary:
Use this operation to get the feature details based on the given license ids and FeatureId or FeatureName.
Errors
400 (Bad Request)
The license(s) do not exist in the tenant
402 (License not entitled)
The licenses are all disabled
422 (Unprocessable Content)
Both Feature Id and Feature Name cannot be blank
422 (Unprocessable Content)
Either Feature Id or Feature Name should be given
Usage
chef-platform-auth-cli license-management feature get-feature [flags]
Options
--featureId
Feature id to fetch the details
--featureName
Feature name to fetch the details
--format
to print response in format
Default value:
json
-h
--help
help for get-feature
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management feature list-features
Get all features
Synopsis
Summary:
Use this operation to list all the Features for the given license Id(s)
Errors
400 (Bad Request)
The licenses do not exist in the tenant
Usage
chef-platform-auth-cli license-management feature list-features [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-features
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license
Commands related to license
Options
-h
--help
help for license
Default value:
false
See also
- chef-platform-auth-cli license-management
- chef-platform-auth-cli license-management license client-license
- chef-platform-auth-cli license-management license describe-license
- chef-platform-auth-cli license-management license disable-license
- chef-platform-auth-cli license-management license download-license
- chef-platform-auth-cli license-management license enable-license
- chef-platform-auth-cli license-management license list-licenses
- chef-platform-auth-cli license-management license load-license
- chef-platform-auth-cli license-management license remove-license
- chef-platform-auth-cli license-management license sync-license
- chef-platform-auth-cli license-management license upload-license
- chef-platform-auth-cli license-management license validate-license
chef-platform-auth-cli license-management license client-license
List client applications
Synopsis
Summary:
Use this operation to provide the client applications based on given license Ids and entitlement Id
Errors
400 (Bad Request)
The licenses you requested does not exist in the tenant
402 (License not entitled)
The licenses are all disabled
422 (Unprocessable Content)
Entitlement Id cannot be blank
Usage
chef-platform-auth-cli license-management license client-license [flags]
Options
--entitlementId
Entitlement id to fetch the details
--format
to print response in format
Default value:
json
-h
--help
help for client-license
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license describe-license
Describe a license
Synopsis
Summary:
Use this operation to describe a license based on given license Ids and entitlement Id
Errors
404 (Not Found)
The licenses you requested does not exist in the tenant
402 (License not entitled)
The licenses are all disabled
422 (Unprocessable Content)
Entitlement Id cannot be blank
Usage
chef-platform-auth-cli license-management license describe-license [flags]
Options
--entitlementId
Entitlement id to fetch the details
--format
to print response in format
Default value:
json
-h
--help
help for describe-license
Default value:
false
--licenseIds
comma separated list of License Ids
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license disable-license
Disable a license
Synopsis
Summary:
Use this operation to disable a license under a tenant in the local datastore
Errors
404 (Not Found)
The license you requested does not exist in the tenant
400 (Bad Request)
The license you requested is not valid
409 (Conflict)
The license is already disabled
Usage
chef-platform-auth-cli license-management license disable-license [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-license
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--licenseId
the License id
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license download-license
Download a license
Synopsis
Summary:
Use this operation download a license in a tenant
Errors
404 (Not Found)
The license you requested does not exist in the tenant
423 (Locked)
The license is disabled in the tenant
Usage
chef-platform-auth-cli license-management license download-license [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for download-license
Default value:
false
--licenseId
the License id
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
--version
the license version
Default value:
2
See also
chef-platform-auth-cli license-management license enable-license
Enable a license
Synopsis
Summary:
Use this operation to enable a license under a tenant in the local datastore
Errors
404 (Not Found)
The license you requested does not exist in the tenant
400 (Bad Request)
The license you requested is not valid
409 (Conflict)
The license is already enabled
Usage
chef-platform-auth-cli license-management license enable-license [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-license
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--licenseId
the License id
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license list-licenses
List licenses
Synopsis
Summary:
Use this operation to list all the license present in the local data store in a tenant
Errors
Usage
chef-platform-auth-cli license-management license list-licenses [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-licenses
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license load-license
Load a license
Synopsis
Summary:
Use this operation to load the license information. This endpoint is useful in non- airgap mode. It downloads the License information from Global Service, and then adds it to Local license datastore.
Errors
404 (Not Found)
The license you requested does not exist
400 (Bad Request)
The license you requested is not valid
400 (Bad Request)
This API can’t be used in AirGap mode
Usage
chef-platform-auth-cli license-management license load-license [flags]
Options
--body
Load the license information in local datastore
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for load-license
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license remove-license
Remove a license
Synopsis
Summary:
Use this operation to remove a license under a tenant in the local datastore
Errors
404 (Not Found)
The license you requested does not exist in the tenant
400 (Bad Request)
The license you requested is not valid
409 (Conflict)
The license is already removed from the tenant
Usage
chef-platform-auth-cli license-management license remove-license [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for remove-license
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--licenseId
the License id
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license sync-license
Sync all licenses
Synopsis
Summary:
Use this operation to sync all licenses under a tenant in the local datastore. This doesn’t change the state of licenses present in local datastore.
Errors
400 (Bad Request)
This API can’t be used in AirGap mode
Usage
chef-platform-auth-cli license-management license sync-license [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for sync-license
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license upload-license
Upload a license
Synopsis
Summary:
Use this operation to upload the license information. This endpoint is useful in airgap mode. It takes the license information as input, and then adds/updates it to Local license datastore.
Errors
400 (Bad Request)
The license Id present in request body is invalid
400 (Bad Request)
Evidence present in request body is invalid
Usage
chef-platform-auth-cli license-management license upload-license [flags]
Options
--body
Load the license information in local datastore
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for upload-license
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-management license validate-license
Validate a license Id
Synopsis
Summary:
Use this operation validate if a licenseId is present in tenant or not
Errors
400 (Bad Request)
The license you requested does not exist in the tenant
423 (Locked)
The license is disabled in the tenant
Usage
chef-platform-auth-cli license-management license validate-license [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for validate-license
Default value:
false
--licenseId
the License id
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
--version
the license version
Default value:
2
See also
chef-platform-auth-cli license-usage
Commands for license usage
Synopsis
Commands for managing license usage
Options
-h
--help
help for license-usage
Default value:
false
See also
chef-platform-auth-cli license-usage audit
Commands related to audit
Options
-h
--help
help for audit
Default value:
false
See also
- chef-platform-auth-cli license-usage
- chef-platform-auth-cli license-usage audit get-usage
- chef-platform-auth-cli license-usage audit list-audit
- chef-platform-auth-cli license-usage audit list-audits
chef-platform-auth-cli license-usage audit get-usage
get the audit details for a specific date
Synopsis
Summary:
Use this to get the specific audit details for a given service for a specific date
Notes:
This response is polymorphic the resulting item arry will be unique to the service selected.
Errors
404 (Not Found)
The date requested contains no audits
404 (Not Found)
The service requested was not audited on the requested date
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
Usage
chef-platform-auth-cli license-usage audit get-usage [flags]
Options
--date
date of an audit (format :- YYYY-MM-DD)
--format
to print response in format
Default value:
json
-h
--help
help for get-usage
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-usage audit list-audit
Lists the services audit for a specific date
Synopsis
Summary:
Use this operation when there is a need to view the specific services that were audited on a specific date
Errors
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
Usage
chef-platform-auth-cli license-usage audit list-audit [flags]
Options
--date
date of an audit (format :- YYYY-MM-DD)
--format
to print response in format
Default value:
json
-h
--help
help for list-audit
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli license-usage audit list-audits
List Consumption Audits
Synopsis
Summary:
This operation will list consumption audits
Errors
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
Usage
chef-platform-auth-cli license-usage audit list-audits [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-audits
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--status
The Status of an Usage Audit
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli list-profile-names
Get the list of profile names available
Usage
chef-platform-auth-cli list-profile-names [flags]
Options
-h
--help
help for list-profile-names
Default value:
false
See also
chef-platform-auth-cli node-account
Commands for node account
Synopsis
Commands for managing node account
Options
-h
--help
help for node-account
Default value:
false
See also
chef-platform-auth-cli node-account node
Commands related to node
Options
-h
--help
help for node
Default value:
false
See also
- chef-platform-auth-cli node-account
- chef-platform-auth-cli node-account node assign-role
- chef-platform-auth-cli node-account node delete-node
- chef-platform-auth-cli node-account node delete-role
- chef-platform-auth-cli node-account node disable-node
- chef-platform-auth-cli node-account node disable-role
- chef-platform-auth-cli node-account node enable-node
- chef-platform-auth-cli node-account node enable-role
- chef-platform-auth-cli node-account node find-node
- chef-platform-auth-cli node-account node get-node
- chef-platform-auth-cli node-account node get-nodeByRef
- chef-platform-auth-cli node-account node get-role
- chef-platform-auth-cli node-account node list-roles
- chef-platform-auth-cli node-account node register-node
- chef-platform-auth-cli node-account node rotate-credentials
- chef-platform-auth-cli node-account node update-credentials
- chef-platform-auth-cli node-account node verify-role
chef-platform-auth-cli node-account node assign-role
Assigns a node a new role
Synopsis
Summary:
Use this operation to assign a new role to an existing node.
Note:
Until this node is assigned credentials it will not be able to communicate with the platform and will remain in the registered status
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role you requested does not exist in the organization
409 (Conflict)
The role is already assigned to this node
409 (Conflict)
The requested node is disabled, please enable the node before requesting credential rotation
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node assign-role [flags]
Options
--body
Role to be assigned to this node
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for assign-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node delete-node
Delete a node
Synopsis
Summary:
Use this operation to remove a node. This will prevent all services/agents running on the node from communicating with the platform.
WARNING Deleted node can no longer communicate with the platform, but may still be running. Once a node has been deleted to enable communication again it must be re-enrolled
Notes:
This will have no effect for services/operations not managed by Chef Platform. e.g. chef client communicating directly to Infra Server.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node or role you requested does not exist in the organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node delete-node [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-node
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node delete-role
Deletes a node roles
Synopsis
Summary:
Use this operation to remove a nodes role. This will disable all services/agents running on the node that are managed by Chef Platform.
WARNING Deleted node roles can no longer communicate with the platform, but may still be running. Once a role has been deleted to enable communication again from this node’s role it must be assigned (authorized), and then new credentials need to be issued. If a node’s role has been deleted consider removing the skill and re-installing it or performing a node re-enrollment
Notes:
This will have no effect for services/operations not managed by Chef Platform. e.g. chef client communicating directly to Infra Server.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node or role you requested does not exist in the organization
404 (Not Found)
The role you requested is not assigned to this node in the organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node delete-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node disable-node
Disable a node
Synopsis
Summary:
Use this operation when there is a need to disable a node without deleting items. This will disable all services/agents running on the node that are managed by Chef Platform.
WARNING Disabled nodes can no longer communicate with the platform, but may still be running. All actions preformed by this node will fail until enabled.
Notes:
1.) This operation does not rotate or revoke credentials for the node. Once re-enabled
the node will continue to communicate using the same credentials.
2.) This will have no effect for services/operations not managed by Chef Platform.
e.g. chef client communicating directly to Infra Server.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
409 (Conflict)
Expect this error code if the node is already disabled.
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node disable-node [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-node
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node disable-role
Disable a node’s role (agent/service)
Synopsis
Summary:
Use this operation when there is a need to disable a single role for a node without deleting that role. This will disable that specific (services/agents) ability to communicate with the Chef Platform.
WARNING Disabled node’s role can no longer communicate with the platform, but may still be running. All actions preformed by this node for this role will fail until enabled.
Notes:
1.) This operation does not rotate or revoke credentials for the node’s role. Once re-enabled
the node’s role will continue to communicate using the same credentials.
2.) This will have no effect for services/operations not managed by Chef Platform.
e.g. chef client communicating directly to Infra Server.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
404 (Not Found)
The node’s role you requested is not assigned to this role for the organization
409 (Conflict)
Expect this error code if the node’s role is already disabled.
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node disable-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node enable-node
Enable a node
Synopsis
Summary:
Use this operation to enable a disabled node. This will allow enabled services/agents running on the node to communicate with the platform.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
409 (Conflict)
Expect this error code if the node is already enabled.
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node enable-node [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-node
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node enable-role
Enable a node’s role (agent/service)
Synopsis
Summary:
Use this operation to enable a disabled node’s role. This will allow enabled the role (services/agents) running on the node to communicate with the platform.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
404 (Not Found)
The node’s role you requested is not assigned to this role for the organization
409 (Conflict)
Expect this error code if the node’s role is already enabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node enable-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node find-node
Find nodes
Synopsis
Summary:
This method will allow users to search for nodes in the current organization.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node find-node [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for find-node
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--status
The Status of the Node to filter by
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node get-node
Get a node
Synopsis
Summary:
Use this operation get an authorized node
Notes
This is not the same as loading a node from node management. This will only load the authorization information about a node
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node get-node [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-node
Default value:
false
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node get-nodeByRef
Get a node by node ref id
Synopsis
Summary:
Use this operation get an authorized node using the node ref id that is present in node management
Notes
This is not the same as loading a node from node management. This will only load the authorization information about a node
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node get-nodeByRef [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-nodeByRef
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--refId
ID of a node ref
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node get-role
Get a node assigned role
Synopsis
Summary:
Use this operation to get the details on an assigned node’s role
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
404 (Not Found)
The role you requested is not assigned to this node in the organization
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node get-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-role
Default value:
false
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node list-roles
List node assigned roles
Synopsis
Summary:
Use this operation to list all of a node’s assigned roles
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node list-roles [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-roles
Default value:
false
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node register-node
Registers a node
Synopsis
Summary:
This method will allow a new node to be registered with the platform. Registered nodes are allowed to have roles assigned to them. Node assigned roles are then used by agents (on the node) to communicate with the platform.
WARNING registering a node will not by itself allow the node to communicate with the plaform. A role must be created for the node for each service/agent running on that node.
Note:
1.) A registered node must FIRST existing in the node management catalog before being registered
Process of manually enrolling a node:
1.) Node is added to node management database
2.) Register the node with the platform accounts system
3.) Assign the desired role (for the node)
4.) Force credential rotation
5.) Install the service/agent
6.) Configure the agent with the credentials from Step 4
Note:
Nodes can exist in Node Management that do not exist in the Identity (accounts) database, but no node may exist as an identity that do not exist in node management
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
409 (Conflict)
Node is already registered
410 (Gone)
The attempt to register the node failed as the node is a symbolic link in node management or has been removed
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node register-node [flags]
Options
--body
The node to be registerd
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for register-node
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node rotate-credentials
Request credential rotation
Synopsis
Summary:
Use this operation to request a node to rotate it’s credentials for a given role (agent/service). Post this agents will automatically rotate their keys whenever a next request is made.
Notes:
1.) This operation allows the agent itself to rotate it’s credentials it does not revoke credentials for a node.
2.) If a node has more than one role (service/agent) running on that node, this will only rotate the credentials for the supplied role
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
404 (Not Found)
The node’s role you requested is not assigned to this node for the organization
409 (Conflict)
The requested node is disabled, please enable the node before requesting credential rotation
409 (Conflict)
The requested role (agent/service) is disabled, please enable the node’s role before requesting credential rotation
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
422 (Unprocessable Content)
The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node rotate-credentials [flags]
Options
--body
Credentials rotation parameters
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for rotate-credentials
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node update-credentials
Manual credential rotation
Synopsis
Summary:
Use this operation to manually rotate credentials for a given node’s role (agent/service).
WARNING Use this operation with extreme care, under normal cermunstatices a node will automaticly roate it’s own credentials. This should only be used if you have implemented a custom service or credential rotation process.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
404 (Not Found)
The node’s role you requested is not assigned to this node for the organization
409 (Conflict)
The requested node is disabled, please enable the node before requesting credential rotation
409 (Conflict)
The requested role (agent/service) is disabled, please enable the node before requesting credential rotation
409 (Conflict)
The requested role (agent/service) is not scheduled for a credential rotation. Request credential rotation first
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
The credentials for this role have already expired. Please delete the role, and re-provision.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node update-credentials [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for update-credentials
Default value:
false
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account node verify-role
Verify a node’s assigned
Synopsis
Summary:
Use this operation to check to see if the node has this role assigned
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in the organization
404 (Not Found)
The role you requested does not exist in the organization
404 (Not Found)
The role you requested is not assigned to this node in the organization
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account node verify-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for verify-role
Default value:
false
--nodeId
ID of a node
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli node-account self
Commands related to self
Options
-h
--help
help for self
Default value:
false
See also
chef-platform-auth-cli node-account self rotate-credentials
Self credential rotation
Synopsis
Summary:
Use this operation to rotate credentials for the current node’s role (agent/service).
WARNING Use this operation with extreme care, under normal circumstances a node will automaticly call this method to rotate it’s own credentials. This should only be used if you have implemented a custom service or credential rotation process.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The node you requested does not exist in this organisation
404 (Not Found)
The role requested does not exist in this organisation
404 (Not Found)
The node’s role you requested is not assigned to this node for the organization
409 (Conflict)
The requested node is disabled, please enable the node before requesting credential rotation
409 (Conflict)
The requested role (agent/service) is disabled, please enable the node before requesting credential rotation
409 (Conflict)
The requested role (agent/service) is not scheduled for a credential rotation. Request credential rotation first
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
422 (Unprocessable Content)
The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
423 (Locked)
The credentials for this role have already expired. Please delete the role, and re-provision.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli node-account self rotate-credentials [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for rotate-credentials
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli register-device
register a device and get api-token for device login
Usage
chef-platform-auth-cli register-device [flags]
Options
--cafile
path to ca file
--device-name
name of the device
Default value:
device
-f
--format
to print response in format
Default value:
json
-h
--help
help for register-device
Default value:
false
-i
--insecure
insecure skip verify
Default value:
false
--overwrite
this flag is used to overwrite the old profile if the profile for profile name provided already exists
Default value:
false
--profile-name
name for the profile of the new api-token
--url
tenant url
-v
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli set-default-profile
Set default profile for request
Usage
chef-platform-auth-cli set-default-profile [flags]
Options
-h
--help
help for set-default-profile
Default value:
false
See also
chef-platform-auth-cli system
Commands for managing system
Synopsis
Commands for managing system like org or tenant
Options
-h
--help
help for system
Default value:
false
See also
chef-platform-auth-cli system organization
Commands related to organization
Options
-h
--help
help for organization
Default value:
false
See also
- chef-platform-auth-cli system
- chef-platform-auth-cli system organization create-organization
- chef-platform-auth-cli system organization disable-organization
- chef-platform-auth-cli system organization enable-organization
- chef-platform-auth-cli system organization get-organization
- chef-platform-auth-cli system organization list-organizations
- chef-platform-auth-cli system organization my-organization
- chef-platform-auth-cli system organization update-organization
- chef-platform-auth-cli system organization verify-organization
chef-platform-auth-cli system organization create-organization
CREATE a organization
Synopsis
Creates a new Organizational Unit in the current logged in tenant. The current user will be assigned the default admin role in the new OU. — ### Errors
400 (Bad Request) Malformed-Request
401 (Unauthorised) The credential used to access this resource is invalid/expired
403 (Forbidden) User with this role is not allowed to access the resource
409 (Conflict) Expect this error code if organization with same name already exist.
422 (Unprocessable Content) The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error) Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization create-organization [flags]
Options
--body
The organization to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for create-organization
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization disable-organization
DISABLE a organization
Synopsis
Disable a currently enabled organization
WARNING Disable OU will stop all existing sessions. All nodes under the OU will not be able to communicate with platform. Users won’t be able to login
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The organization does not exist
409 (Conflict)
Expect this error code if the organization is already disabled.
422 (Unprocessable Content)
The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization disable-organization [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-organization
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--orgId
ID of an Organizational Unit
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization enable-organization
ENABLE a organization
Synopsis
Enable a currently disabled organization
— ### Errors
401 (Unauthorised) The credential used to access this resource is invalid/expired
403 (Forbidden) User with this role is not allowed to access the resource
404 (Not Found) The organization does not exist
409 (Conflict) Expect this error code if the organization is already enabled.
422 (Unprocessable Content) The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error) Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization enable-organization [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-organization
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--orgId
ID of an Organizational Unit
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization get-organization
READ a organization
Synopsis
Use this api to get an organization details — ### Errors
401 (Unauthorised) The credential used to access this resource is invalid/expired
403 (Forbidden) User with this role is not allowed to access the resource
404 (Not Found) The organization does not exist
500 (Internal Server Error) Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization get-organization [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-organization
Default value:
false
--orgId
ID of an Organizational Unit
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization list-organizations
LIST all organizations in the current logged in tenant
Synopsis
This method will list all organizational units in the current logged in tenant; optionally filtered by organizational units status (indicated in the query)
Errors
401 (Unauthorised) The credential used to access this resource is invalid/expired
403 (Forbidden) User with this role is not allowed to access the resource
500 (Internal Server Error) Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization list-organizations [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-organizations
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--status
The Status to filter the Organization list by
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization my-organization
GET the organization of the current logged in user
Synopsis
This method will get organizational unit details of the current logged in user
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization my-organization [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for my-organization
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization update-organization
UPDATE a organization
Synopsis
This api can be used to update OU details. — ### Errors
400 (Bad Request) Malformed-Request
401 (Unauthorised) The credential used to access this resource is invalid/expired
403 (Forbidden) User with this role is not allowed to access the resource
404 (Not Found) The organization does not exist
422 (Unprocessable Content) The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
500 (Internal Server Error) Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization update-organization [flags]
Options
--body
The organization to be updated
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for update-organization
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--orgId
ID of an Organizational Unit
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli system organization verify-organization
VERIFY a organization
Synopsis
Verify if the organization is enabled. — ### Errors
401 (Unauthorised) The credential used to access this resource is invalid/expired
403 (Forbidden) User with this role is not allowed to access the resource
404 (Not Found) The organization does not exist
500 (Internal Server Error) Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli system organization verify-organization [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for verify-organization
Default value:
false
--orgId
ID of an Organizational Unit
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account
Commands for user account
Synopsis
Commands for managing user account
Options
-h
--help
help for user-account
Default value:
false
See also
- chef-platform-auth-cli user-account identity
- chef-platform-auth-cli user-account jwt
- chef-platform-auth-cli user-account self
- chef-platform-auth-cli user-account user
chef-platform-auth-cli user-account identity
Commands related to identity
Options
-h
--help
help for identity
Default value:
false
See also
- chef-platform-auth-cli user-account
- chef-platform-auth-cli user-account identity authorise-device
- chef-platform-auth-cli user-account identity change-password
- chef-platform-auth-cli user-account identity create-identity
- chef-platform-auth-cli user-account identity delete-identity
- chef-platform-auth-cli user-account identity device-api-token
- chef-platform-auth-cli user-account identity device-deregister
- chef-platform-auth-cli user-account identity device-register
- chef-platform-auth-cli user-account identity disable-device
- chef-platform-auth-cli user-account identity disable-identity
- chef-platform-auth-cli user-account identity enable-device
- chef-platform-auth-cli user-account identity enable-identity
- chef-platform-auth-cli user-account identity expire-password
- chef-platform-auth-cli user-account identity get-authorise-page
- chef-platform-auth-cli user-account identity get-identity
- chef-platform-auth-cli user-account identity get-jwt
- chef-platform-auth-cli user-account identity get-login-page
- chef-platform-auth-cli user-account identity get-password-set-page
- chef-platform-auth-cli user-account identity get-self-user
- chef-platform-auth-cli user-account identity list-users
- chef-platform-auth-cli user-account identity login-identity
- chef-platform-auth-cli user-account identity logout-all-identity
- chef-platform-auth-cli user-account identity logout-identity
- chef-platform-auth-cli user-account identity refresh-jwt
- chef-platform-auth-cli user-account identity reset-password
- chef-platform-auth-cli user-account identity set-password
- chef-platform-auth-cli user-account identity update-identity
- chef-platform-auth-cli user-account identity update-self-user
chef-platform-auth-cli user-account identity authorise-device
Device authorisation
Synopsis
Summary:
This operation will authorise the requested device.
Note:
This method will only work with local users (not OAUTH)
Process
- The user needs to enter the auth code received over cli
- The auth code will be validated against the request
Errors
400 (Bad Request)
Malformed-Request
409 (Conflict)
The auth code already authorised
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity authorise-device [flags]
Options
--body
Auth Code for device authorisation
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--deviceId
ID of an device
--format
to print response in format
Default value:
json
-h
--help
help for authorise-device
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity change-password
PATCH the current users’ password with a new password
Synopsis
This method will change the users password
Error(s)
409 (Conflict)
If the current user who has requested a password reset is not a “local” user
422 (Unprocessable Content)
If the users current password does not match or the new password does not meet the password requirements
423 (Locked)
If the user’s account is currently locked
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity change-password [flags]
Options
--body
The password to be changed
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for change-password
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity create-identity
Create a “local” user
Synopsis
Summary:
Use this operation to create a local user
Note:
for “local” users:
- If a user is created without a password, they will be emailed a set password link with token/OTP
- If a user is created with a password, they will be emailed with a created user details
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
404 (Not Found)
The role ID specified does not exist in the organization
409 (Conflict)
User is already registered
422 (Unprocessable Content)
The Reference the errors in the response for more details.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity create-identity [flags]
Options
--body
The user to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for create-identity
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity delete-identity
Delete a user in current tenant
Synopsis
Summary:
Use this operation to delete a user in the current tenant
Errors
404 (Not Found)
The user you requested does not exist in the current tenant
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity delete-identity [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-identity
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity device-api-token
Create tokens for the device, if device auth code got authorised successfully.
Synopsis
Summary:
This will return api token for given deviceId
Errors
400 (Bad Request)
When code is not authorized.
404 (Not Found)
The device does not exist.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity device-api-token [flags]
Options
--body
State Code for device token creation
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--deviceId
ID of an device
--format
to print response in format
Default value:
json
-h
--help
help for device-api-token
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity device-deregister
Deregister given device
Synopsis
Summary:
Use this operation to deregister given device
Errors
409 (Conflict)
The device is already deregistered
404 (Not Found)
Tenant not found
404 (Not Found)
Org not found
404 (Not Found)
Role not found
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity device-deregister [flags]
Options
--deviceId
ID of an device
--format
to print response in format
Default value:
json
-h
--help
help for device-deregister
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity device-register
Get auth code with authorisation url for given device register request
Synopsis
Summary:
Use this operation to get auth code with authorisation url for given device register request
Errors
400 (Bad Request)
Request body validation failed
404 (Not Found)
Tenant not found
423 (Locked)
Device is Disabled
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity device-register [flags]
Options
--body
Device metadata
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for device-register
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity disable-device
Disable device by id
Synopsis
Summary:
This will disable the device
Process
- This api will require a deviceId which consist of (mac + deviceUser + appType)
Errors
404 (Not Found)
The device you requested does not exist in the current organizational unit
409 (Conflict)
The device is already disabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity disable-device [flags]
Options
--deviceId
ID of an device
--format
to print response in format
Default value:
json
-h
--help
help for disable-device
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity disable-identity
Disable the user associated with the given userId
Synopsis
Summary:
This operation will disable the user associated with the given userId. All sessions for this userId will stop working.
Errors
409 (Conflict)
Email is already disabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity disable-identity [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-identity
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity enable-device
Enable device by id
Synopsis
Summary:
This will enable the device
Process
- This api will require a deviceId which consist of (mac + deviceUser + appType)
Errors
404 (Not Found)
The device you requested does not exist in the current organizational unit
409 (Conflict)
The device is already enabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity enable-device [flags]
Options
--deviceId
ID of an device
--format
to print response in format
Default value:
json
-h
--help
help for enable-device
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity enable-identity
Enable the user associated with the given userId
Synopsis
Summary:
This operation will enable the user associated with the given userId
Errors
409 (Conflict)
Email is already enabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity enable-identity [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-identity
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity expire-password
Expire the users password
Synopsis
Summary:
Use this operation to require the user to change their password upon next login
WARNING this will not impact any currently logged in users.
Note:
This method will only work with locally users (not OAUTH)
Errors
404 (Not Found)
The user you requested does not exist in the current tenant unit
409 (Conflict)
The user’s password is already set to expire
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated. This method will list all roles for a user
423 (Locked)
User is not a local user
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity expire-password [flags]
Options
--emailId
Email ID of an User
--format
to print response in format
Default value:
json
-h
--help
help for expire-password
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity get-authorise-page
Device authorisation page (UI) for user.
Synopsis
Summary:
This operation will load the HTML form page
Process
- The user need to enter the OAUTH code
- Then submit to authorize the device
Errors
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity get-authorise-page [flags]
Options
--appType
Application Type
--deviceId
ID of an device
--deviceName
Device Name
--format
to print response in format
Default value:
json
-h
--help
help for get-authorise-page
Default value:
false
--oauthCode
OAuth code
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity get-identity
Get a user in current tenant
Synopsis
Summary:
Use this operation to get a user in the current tenant
Errors
404 (Not Found)
The user you requested does not exist in the tenant
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity get-identity [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-identity
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity get-jwt
Get jwt token by exchanging the oauth code and state
Synopsis
Summary:
Use this operation to get jwt token by exchanging the oauth code and state.
Note:
- In return we will get access token, refresh token and expiry
- Access token will have tenantID,userID,roleId etc along with baseOrgId
Errors
400 (Bad Request)
Malformed-Request
422 (Unprocessable Content)
The given values for oauth code and state is not in correct format
423 (Locked)
This identity is locked/disabled
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity get-jwt [flags]
Options
--body
Get JWT token by exchanging the oauth code and state
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for get-jwt
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity get-login-page
Login page UI for user.
Synopsis
Summary:
This operation will load the HTML page to login
Process
- The user need to enter the email and valid password
- Then submit to get oauth code and state
Errors
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity get-login-page [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-login-page
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity get-password-set-page
Get Password set UI page for user.
Synopsis
Summary:
This operation will load the HTML page to set password using OTP
Note:
This method will only work with locally users (not OAUTH)
Process
- The user needs to enter the OTP received over email in this page or auto-filled from the URL.
- Then submit to set a new password
Errors
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity get-password-set-page [flags]
Options
--emailId
Email ID of an User
--format
to print response in format
Default value:
json
-h
--help
help for get-password-set-page
Default value:
false
--otp
OTP to set the new password
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity get-self-user
Get Current Logged in User details
Synopsis
Summary:
Use this operation get the current logged in user details
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity get-self-user [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-self-user
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity list-users
Get all users present in current tenant
Synopsis
Summary:
This operation will get all users present in current tenant
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity list-users [flags]
Options
--email
email of the user
--format
to print response in format
Default value:
json
-h
--help
help for list-users
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity login-identity
Get oauth code for given credentials (email and password)
Synopsis
Summary:
Use this operation to get oauth code for given credentials (email and password)
Errors
400 (Bad Request)
Malformed-Request
401 (Unauthorized)
User credentials are not correct or doesn’t belong to the tenant
423 (Locked)
This identity is locked/disabled
422 (Unprocessable Content)
Document validation failed
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity login-identity [flags]
Options
--body
Login with email and password
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for login-identity
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity logout-all-identity
Logout all the session of the user
Synopsis
Summary:
Use this operation to logout all the sessions of the user by expiring them
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
423 (Locked)
Resource targeted cannot be modified
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity logout-all-identity [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for logout-all-identity
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity logout-identity
Logout current user and current session
Synopsis
Summary:
Use this operation to logout current user and current session by expiring the session
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
423 (Locked)
Resource targeted cannot be modified
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity logout-identity [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for logout-identity
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity refresh-jwt
Get jwt token by exchanging the access token and refresh token.
Synopsis
Summary:
Use this operation to get new jwt access token by exchanging refresh token with valid access token.
Note
In return we will get a new access token, refresh token and it’s expiry. Refresh token will be the same as before if refreshed to get new access token with same OrgId and RoleId. The roleId and OrgId in the request can be used to switch role/org post login.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
423 (Locked)
This identity is locked/disabled
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity refresh-jwt [flags]
Options
--body
Get JWT token by exchanging the access token and refresh token
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for refresh-jwt
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity reset-password
Password Reset
Synopsis
Summary:
This operation will begin the password reset process.
WARNING this will not impact any currently logged in users.
Note:
This method will only work with local users (not OAUTH)
Process
- The user will be emailed a link to change their password
- The email & link will contain a one time passcode (OTP)
- The user have to click the link and proceed with the given otp
Errors
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated. This method will list all roles for a user
423 (Locked)
User is not a local user
Note for record not found
When the user you requested (by email-id) does not exist in the current tenant unit, instead of showing email-id not found it will send a 200 not exposing if the user is present in the system or not
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity reset-password [flags]
Options
--emailId
Email ID of an User
--format
to print response in format
Default value:
json
-h
--help
help for reset-password
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity set-password
Set Password for user
Synopsis
Summary:
This operation will set the password for the user.
Note:
This method will only work with locally users (not OAUTH)
Process
- The user need to enter the OTP received over email and a valid new password
- The OTP will be validated against the email
- Password history rules will be checked.
- If the new password value passes the rules then new password will be set against the identity
Errors
404 (Not Found)
The user you requested does not exist in the tenant
423 (Locked)
User is disabled
400 (Invalid OTP)
Invalid OTP entered
422 (Unprocessable Content)
Password validation failed
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity set-password [flags]
Options
--body
Password to be set using OTP
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--emailId
Email ID of an User
--format
to print response in format
Default value:
json
-h
--help
help for set-password
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity update-identity
Update a user in current tenant
Synopsis
Summary:
This operation will update a user
WARNING this will update the user’s information in the current tenant
Note:
This method will only allow updating of local users
Errors
409 (Conflict)
Email address already in use
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
422 (Unprocessable Content)
The policy does not meet the validation requirements. Reference the errors in the response for more details.
423 (Locked)
User is not a local user
400 (Bad Request)
Malformed-Request
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity update-identity [flags]
Options
--body
The updated user information
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for update-identity
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account identity update-self-user
Update the current user
Synopsis
Summary:
This operation will update the current user
Note:
This method will only allow updating of local user any other type of user (Node, Token, OAuth will fail)
Errors
409 (Conflict)
Email address already in use
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
422 (Unprocessable Content)
The policy does not meet the validation requirements. Reference the errors in the response for more details.
423 (Locked)
User is not a local user
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account identity update-self-user [flags]
Options
--body
The updated user information
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for update-self-user
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account jwt
Commands related to jwt
Options
-h
--help
help for jwt
Default value:
false
See also
- chef-platform-auth-cli user-account
- chef-platform-auth-cli user-account jwt jwt-expiry-set
- chef-platform-auth-cli user-account jwt rotate-jwt-secret
chef-platform-auth-cli user-account jwt jwt-expiry-set
Update the Expiry durations for tenant.
Synopsis
Summary:
Use this operation to update the JWT Token expiry duration, Oauth expiry duration and the Session expiry duration. The duration should always be set in seconds.
Errors
422 (Unprocessable Content)
Request Body should have at least one field present
Usage
chef-platform-auth-cli user-account jwt jwt-expiry-set [flags]
Options
--body
The duration update information (in seconds).
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for jwt-expiry-set
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account jwt rotate-jwt-secret
Rotate the jwt secret
Synopsis
Summary:
Rotate the jwt secret for the given tenant.
Errors
404 (Not Found)
The requested data does not exist in the current organizational unit
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account jwt rotate-jwt-secret [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for rotate-jwt-secret
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self
Commands related to self
Options
-h
--help
help for self
Default value:
false
See also
- chef-platform-auth-cli user-account
- chef-platform-auth-cli user-account self create-token
- chef-platform-auth-cli user-account self delete-token
- chef-platform-auth-cli user-account self get-organization
- chef-platform-auth-cli user-account self get-role
- chef-platform-auth-cli user-account self get-token
- chef-platform-auth-cli user-account self list-organizations
- chef-platform-auth-cli user-account self list-roles
- chef-platform-auth-cli user-account self list-tokens
- chef-platform-auth-cli user-account self revoke-token
chef-platform-auth-cli user-account self create-token
create a new API token for the signed in user
Synopsis
Summary:
Use this operation to assign a new api token for a user
Errors
422 (Unprocessable Content)
Field validation error
423 (Locked)
The role is not a valid user assignable role
409 (Conflict)
Resource is already in use
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self create-token [flags]
Options
--body
Token to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for create-token
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self delete-token
Deletes current user’s API token
Synopsis
Summary:
Use this operation to delete current user’s API token in the current organization and role
Errors
404 (Not Found)
The token requested does not exist in the organization or is not assigned to the user
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self delete-token [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-token
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--tokenId
ID of a API Token
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self get-organization
GET the organization of the current logged in user
Synopsis
This method will get organizational unit details of the current logged in user
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self get-organization [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-organization
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self get-role
Get current Users active role
Synopsis
Summary:
Use this operation to get the user’s currently active role.
Errors
404 (Not Found)
The role you requested does not exist in the organization
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self get-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-role
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self get-token
Get current user’s API token information
Synopsis
Summary:
Use this operation get current user’s API token information
Errors
404 (Not Found)
The requested token is not assigned to the user
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self get-token [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-token
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--tokenId
ID of a API Token
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self list-organizations
Get all organizations current user is assigned to
Synopsis
Summary:
This operation will search for all organizations in which current user is assigned.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self list-organizations [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-organizations
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self list-roles
List current Users roles
Synopsis
Summary:
Use this operation to list all the roles assigned to the current user. Roles can be filtered based on the Organization Id by sending the id in the query params.
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self list-roles [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-roles
Default value:
false
--orgId
the organization id
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self list-tokens
List all the tokens for the signed in user in current organization
Synopsis
Summary:
Use this operation to list all of a tokens assigned to the user in the current organization and role
Errors
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self list-tokens [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-tokens
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account self revoke-token
revoke current user’s API Token
Synopsis
Summary:
Use this operation to revoke (immediately expire) but not delete an API token in the current organization and role
Errors
404 (Not Found)
The token you requested does not exist in the current organizational unit or is not assigned to the user
409 (Conflict)
The token is already revoked
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorised)
The credential used to access this resource is invalid/expired
403 (Forbidden)
User with this role is not allowed to access the resource
500 (Internal Server Error)
Some unexpected error occurred requesting this resource
Usage
chef-platform-auth-cli user-account self revoke-token [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for revoke-token
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--tokenId
ID of a API Token
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user
Commands related to user
Options
-h
--help
help for user
Default value:
false
See also
- chef-platform-auth-cli user-account
- chef-platform-auth-cli user-account user add-user
- chef-platform-auth-cli user-account user assign-role
- chef-platform-auth-cli user-account user assign-roles
- chef-platform-auth-cli user-account user create-token
- chef-platform-auth-cli user-account user delete-role
- chef-platform-auth-cli user-account user delete-token
- chef-platform-auth-cli user-account user disable-role
- chef-platform-auth-cli user-account user disable-user
- chef-platform-auth-cli user-account user enable-role
- chef-platform-auth-cli user-account user enable-user
- chef-platform-auth-cli user-account user get-role
- chef-platform-auth-cli user-account user get-token
- chef-platform-auth-cli user-account user getJwt-apiToken
- chef-platform-auth-cli user-account user list-roles
- chef-platform-auth-cli user-account user list-tokens
- chef-platform-auth-cli user-account user list-users
- chef-platform-auth-cli user-account user login-apiToken
- chef-platform-auth-cli user-account user remove-user
- chef-platform-auth-cli user-account user revoke-token
- chef-platform-auth-cli user-account user verify-api
chef-platform-auth-cli user-account user add-user
Add a user to current organization
Synopsis
Summary:
If user exists it will add to organization. If user does not exist it creates the user, sends password set email and then adds them to organization
WARNING A user can not login unless that have at least one enabled role.
Note:
- The user must already exist as a local user in the tenant for this operation to succeed
- This is commonly only used for local users, for OAUTH users the OAUTH flow can be configured to automaticly add the user and roles to the organizations
Errors
404 (Not Found)
The user you requested does not exist in the tenant
423 (Locked)
The user you requested is locked/disabled in the tenant
409 (Conflict)
user already exists in this organization
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user add-user [flags]
Options
--body
User to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for add-user
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user assign-role
Assigns a user a new role in current organization unit.
Synopsis
Summary:
Use this operation to assign a role to an existing user
Note:
Until a user is asigned at least one role they will not be able to login
Errors
404 (Not Found)
The role you requested does not exist in the organization
409 (Conflict)
The role is already assigned to this user
422 (Role validation failed)
The roles is a System/Service role not a user role
423 (Locked)
The role/user is disabled
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user assign-role [flags]
Options
--body
Role to be assigned to this user
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for assign-role
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user assign-roles
Create bulk users and assign respective roles to each user.
Synopsis
Summary:
If the user with the provided email already exists,the API will assign the specified role(s) to the user as a final set of roles. If the user does not exist, the API will create the user, and the API will assign the specified role(s) to the user as a final set of roles. If the provided role does not exist, the API returns an error. List of users in request object is limited.If the limit exceeded server will through an error.
Errors
404 (Not Found)
The role you requested does not exist in the organization.
409 (Conflict)
The role is already assigned to this user.
422 (Role validation failed)
The role is a system or service role, not a user role.
423 (Locked)
The role or user is disabled.
401 (Unauthorized)
The credential used to access this resource is invalid or expired.
403 (Forbidden)
A user with this role is not allowed to access the resource.
413 (Content Too Large)
Request entity is larger than the limits defined by the server
500 (Internal Server Error)
Some unexpected errors occurred while requesting this resource.
502 (Bad Gateway Error)
Communication error between two web servers.
503 (Service Unavailable)
The request service is not responsive.
Usage
chef-platform-auth-cli user-account user assign-roles [flags]
Options
--body
Roles to be assigned to the list of provided user
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for assign-roles
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user create-token
create a new API token for the user in current organization
Synopsis
Summary:
Use this operation to assign a new api token for a user
Errors
404 (Not Found)
The user you requested does not exist in the organization
404 (Not Found)
The role you requested is not assigned to the user
409 (Conflict)
The user is disabled
423 (Locked)
The user is locked
422 (Validation failed)
The expiration date is incorrect
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user create-token [flags]
Options
--body
Token to be created
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for create-token
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user delete-role
Delete a given role for a given user.
Synopsis
Summary:
Use this operation to remove a role from a user. This will prevent the user from accessing this role upon the next login.
Errors
404 (Not Found)
The user requested does not exist in the organization
404 (Not Found)
The role you requested does not exist in the organization
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user delete-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user delete-token
Deletes a user’s API token in current organization
Synopsis
Summary:
Use this operation to delete a users API token.
Errors
404 (Not Found)
The user you requested does not exist in the organization
404 (Not Found)
The token requested does not exist in the organization or is not assigned to the user
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
409 (Conflict)
The user is disabled
423 (Locked)
The user is locked
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user delete-token [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for delete-token
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--tokenId
ID of a API Token
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user disable-role
Disable a given role for a given user in the current organization unit
Synopsis
Summary:
Use this operation to disable a role for given user in current organization unit.
WARNING This will enabled this role only for given user in the current organization unit
Errors
404 (Not Found)
The user you requested does not exist in the current organization unit
404 (Not Found)
The role you requested is not assigned to this user in the organization unit
409 (Conflict)
The role for given user is already disabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user disable-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user disable-user
Disable a user for the current organizational unit
Synopsis
Summary:
Use this operation when there is a need to disable a user without deleting them.
WARNING This will disable this user only for the current organizational unit
Errors
404 (Not Found)
The user you requested does not exist in the current organizational unit
409 (Conflict)
The user is already disabled
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user disable-user [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for disable-user
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user enable-role
Enable a given role for a given user in the current organization unit
Synopsis
Summary:
Use this operation to enable a role for given user in current organization unit.
WARNING This will enabled this role only for given user in the current organization unit
Errors
404 (Not Found)
The user you requested does not exist in the current organization unit
409 (Conflict)
The role for given user is already enabled
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user enable-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-role
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user enable-user
Enable a user for the current organizational unit
Synopsis
Summary:
Use this operation to enable a user in current organization unit.
WARNING This will enabled this user only for the current organizational unit
Errors
404 (Not Found)
The user you requested does not exist in the current organizational unit
409 (Conflict)
The user is already enabled
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user enable-user [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for enable-user
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user get-role
Get details of a given role for a given user.
Synopsis
Summary:
Use this operation to get the details on a role assigned to a user
Errors
404 (Not Found)
The user requested does not exist in the organization
404 (Not Found)
The role you requested is not assigned to this user in the organization
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user get-role [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-role
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
ID of a Role
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user get-token
Get a user’s API token in current organization
Synopsis
Summary:
Use this operation to get a users API token
Errors
404 (Not Found)
The policy requested does not exist in the organization
409 (Conflict)
The user is disabled
423 (Locked)
The user is locked
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user get-token [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for get-token
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--tokenId
ID of a API Token
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user getJwt-apiToken
Get jwt token by exchanging the oauth code and state for the selected tenant, org, role and user
Synopsis
Summary:
Use this operation to get jwt token by exchanging the oauth code and state for the selected tenant, org, role and user
Errors
403 (Unauthorized)
The given oauth code and state is not valid
422 (Unprocessable Content)
The given values for oauth code and state is not in correct format
423 (Locked)
This identity is locked/disabled
423 (Locked)
This user is disabled in the org where the token belongs
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user getJwt-apiToken [flags]
Options
--body
Get JWT token by exchanging the oauth code and state
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for getJwt-apiToken
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user list-roles
List roles assigned to given user
Synopsis
Summary:
Use this operation to list all roles assigned to a user
Errors
404 (Not Found)
The user you requested does not exist in the organization
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user list-roles [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-roles
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user list-tokens
List all the tokens for the user in current organization
Synopsis
Summary:
Use this operation to list all tokens assigned to the user
Errors
404 (Not Found)
The user is not found in the organization
409 (Conflict)
The user is disabled
423 (Locked)
The user is locked
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user list-tokens [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-tokens
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user list-users
Find all users present in current organization unit.
Synopsis
Summary:
This operation will search for users in the current organization.
Errors
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
404 (Not Found)
The server could not located the requested resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user list-users [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for list-users
Default value:
false
--includeRoles
Include user roles in the response
Default value:
false
--pagination.page
what page of the pagination
Default value:
1
--pagination.size
items per page
Default value:
10
--profile
name of the profile to be used for cmd
Default value:
default
--roleId
the role id
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user login-apiToken
Get oauth code for given TenantId and API token
Synopsis
Summary:
This operation will get oauth code for given TenantId and API token
Errors
401 (Unauthorized)
The API token doesn’t belong to the tenant
401 (Unauthorized)
The API token in expired
423 (Locked)
This identity is locked/disabled
423 (Locked)
This user is disabled in the org in which the token belongs
422 (Unprocessable Content)
The request query string options does not meet the validation requirements. Reference the errors in the response for more details.
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user login-apiToken [flags]
Options
--body
Get oauth code for given tenant and api token
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for login-apiToken
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user remove-user
Delete a user from current organization
Synopsis
Summary:
Use this operation to remove a user from the current organization.
Notes:
This will NOT remove the user from the tenant, it will only remove this user from the current organization.
Errors
404 (Not Found)
The node or role you requested does not exist in the organization
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user remove-user [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for remove-user
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user revoke-token
revoke the API Token for an user in teh current organization
Synopsis
Summary:
Use this operation to revoke (immediately expire) but not delete an API token
Errors
404 (Not Found)
The user you requested does not exist in the current organizational unit
404 (Not Found)
The token you requested does not exist in the current organizational unit or is not assigned to the user
409 (Conflict)
The token is already revoked
412 (Precondition Failed)
If the “If-Match” header is included in the request, this error status indicates that the value of “If-Match” (the ETag information) did not match and therefore the entity was not updated.
423 (Locked)
The user is locked
401 (Unauthorized)
The credential used to access this resource is invalid/expired.
403 (Forbidden)
User with this role is not allowed to access the resource.
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user revoke-token [flags]
Options
--format
to print response in format
Default value:
json
-h
--help
help for revoke-token
Default value:
false
--If-Match
If-Match will compare the supplied etag to the resource requested. If the etag does not match the operation will be aborted.
--profile
name of the profile to be used for cmd
Default value:
default
--tokenId
ID of a API Token
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli user-account user verify-api
Verify the token for login
Synopsis
Summary:
Use this operation to verify the API token and API secret.
Note:
- This is used by the Authentication service, and thus allows anonymous access
WARNING: The Expand parameter may require change in the future it is intended to be used by the authentication system and not directly by end users. This may need to move to a header varaible with a token to allow the expand operation to occur
Errors
401 (Unauthorized)
API Key or Token are not valid for the tenant
404 (Not Found)
The tenant does not exist
422 (Unprocessable Content)
The requested payload does not meet the validation requirements. Reference the errors in the response for more details.
423 (Locked)
This API token has expired
500 (Internal Server Error)
Some unexpected error occurred requesting this resource.
Usage
chef-platform-auth-cli user-account user verify-api [flags]
Options
--body
Tenant, API Key and Secret key
--body-file
Path to file in the local system containing valid body parameter value
--body-format
Format of the --body or --body-file, options: json, yaml, toml
Default value:
json
--format
to print response in format
Default value:
json
-h
--help
help for verify-api
Default value:
false
--profile
name of the profile to be used for cmd
Default value:
default
--userId
ID of an User
--verbose
to show debug logs
Default value:
false
See also
chef-platform-auth-cli version
Chef Platform version
Usage
chef-platform-auth-cli version [flags]
Options
-h
--help
help for version
Default value:
false