diff --git a/CHANGELOG.md b/CHANGELOG.md index d3034997..0b911a27 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +## [2.8.18](https://github.com/salesforcecli/plugin-auth/compare/2.8.17...2.8.18) (2023-09-28) + +### Bug Fixes + +- **deps:** bump get-func-name from 2.0.0 to 2.0.2 ([64bd912](https://github.com/salesforcecli/plugin-auth/commit/64bd9125fd2bf77e28c8cc16952c551224660260)) + ## [2.8.17](https://github.com/salesforcecli/plugin-auth/compare/2.8.16...2.8.17) (2023-09-16) ### Bug Fixes diff --git a/README.md b/README.md index 4e6e0387..1537279a 100644 --- a/README.md +++ b/README.md @@ -70,615 +70,447 @@ sfdx plugins -- [`sfdx auth:accesstoken:store -r [-d] [-s] [-a ] [-p] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authaccesstokenstore--r-url--d--s--a-string--p---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx auth:device:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authdevicelogin--i-string--r-url--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx auth:jwt:grant -u -f -i [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authjwtgrant--u-string--f-filepath--i-string--r-url--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx auth:list [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authlist---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx auth:logout [-a] [-p] [-u ] [--apiversion ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authlogout--a--p--u-string---apiversion-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx auth:sfdxurl:store -f [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authsfdxurlstore--f-filepath--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx auth:web:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-authweblogin--i-string--r-url--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:accesstoken:store -r [-d] [-s] [-a ] [-p] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthaccesstokenstore--r-url--d--s--a-string--p---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:device:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthdevicelogin--i-string--r-url--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:jwt:grant -u -f -i [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthjwtgrant--u-string--f-filepath--i-string--r-url--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:list [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthlist---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:logout [-a] [-p] [-u ] [--apiversion ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthlogout--a--p--u-string---apiversion-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:sfdxurl:store -f [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthsfdxurlstore--f-filepath--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) -- [`sfdx force:auth:web:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]`](#sfdx-forceauthweblogin--i-string--r-url--d--s--a-string---json---loglevel-tracedebuginfowarnerrorfataltracedebuginfowarnerrorfatal) - -## `sfdx auth:accesstoken:store -r [-d] [-s] [-a ] [-p] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` - -authorize an org using an existing Salesforce access token +- [`sfdx org:list:auth`](#sfdx-orglistauth) +- [`sfdx org:login:access-token`](#sfdx-orgloginaccess-token) +- [`sfdx org:login:device`](#sfdx-orglogindevice) +- [`sfdx org:login:jwt`](#sfdx-orgloginjwt) +- [`sfdx org:login:sfdx-url`](#sfdx-orgloginsfdx-url) +- [`sfdx org:login:web`](#sfdx-orgloginweb) +- [`sfdx org:logout`](#sfdx-orglogout) + +## `sfdx org:list:auth` + +List authorization information about the orgs you created or logged into. ``` USAGE - $ sfdx auth:accesstoken:store -r [-d] [-s] [-a ] [-p] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:list:auth [--json] -FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -p, --noprompt do not prompt for confirmation - -r, --instanceurl= (required) the login URL of the - instance the org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation +GLOBAL FLAGS + --json Format output as json. DESCRIPTION - authorize an org using an existing Salesforce access token - - By default, the command runs interactively and asks you for the access token. If you previously authorized the org, - the command prompts whether you want to overwrite the local file. Specify --noprompt to not be prompted. + List authorization information about the orgs you created or logged into. - To use the command in a CI/CD script, set the SFDX_ACCESS_TOKEN environment variable to the access token. Then run the - command with the --noprompt parameter. "!" + This command uses local authorization information that Salesforce CLI caches when you create a scratch org or log into + an org. The command doesn't actually connect to the orgs to verify that they're still active. As a result, this + command executes very quickly. If you want to view live information about your authorized orgs, such as their + connection status, use the "org list" command. ALIASES - $ sfdx force:auth:accesstoken:store + $ sfdx force:auth:list + $ sfdx auth:list EXAMPLES - $ sfdx auth:accesstoken:store --instanceurl https://mycompany.my.salesforce.com + List local authorization information about your orgs: - $ export SFDX_ACCESS_TOKEN=00Dxx0000000000!xxxxx - - $ sfdx auth:accesstoken:store --instanceurl https://dev-hub.my.salesforce.com --noprompt + $ sfdx org:list:auth ``` -_See code: [src/commands/auth/accesstoken/store.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/accesstoken/store.ts)_ +_See code: [src/commands/org/list/auth.ts](https://github.com/salesforcecli/plugin-auth/blob/2.8.18/src/commands/org/list/auth.ts)_ -## `sfdx auth:device:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` +## `sfdx org:login:access-token` -authorize an org using a device code +Authorize an org using an existing Salesforce access token. ``` USAGE - $ sfdx auth:device:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:access-token -r [--json] [-d] [-s] [-a ] [-p] FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -i, --clientid= OAuth client ID (sometimes called - the consumer key) - -r, --instanceurl= the login URL of the instance the - org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + -a, --alias= Alias for the org. + -d, --set-default-dev-hub Set the authenticated org as the default Dev Hub. + -p, --no-prompt Don't prompt for confirmation. + -r, --instance-url= (required) URL of the instance that the org lives on. + -s, --set-default Set the authenticated org as the default that all org-related commands run against. + +GLOBAL FLAGS + --json Format output as json. DESCRIPTION - authorize an org using a device code + Authorize an org using an existing Salesforce access token. - You must open a browser, navigate to the verification URL, and enter the code. Log in, if not already logged in, and - you’ll be prompted to allow the device to connect to the org. + By default, the command runs interactively and asks you for the access token. If you previously authorized the org, + the command prompts whether you want to overwrite the local file. Specify --no-prompt to not be prompted. + + To use the command in a CI/CD script, set the SFDX_ACCESS_TOKEN environment variable to the access token. Then run the + command with the --no-prompt parameter. ALIASES - $ sfdx force:auth:device:login + $ sfdx force:auth:accesstoken:store + $ sfdx auth:accesstoken:store EXAMPLES - $ sfdx auth:device:login -d -a TestOrg1 + Authorize an org on https://mycompany.my.salesforce.com; the command prompts you for the access token: - $ sfdx auth:device:login -i + $ sfdx org:login:access-token --instance-url https://mycompany.my.salesforce.com - $ sfdx auth:device:login -r https://MyDomainName--SandboxName.sandbox.my.salesforce.com -``` - -_See code: [src/commands/auth/device/login.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/device/login.ts)_ - -## `sfdx auth:jwt:grant -u -f -i [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` - -authorize an org using the JWT flow + Authorize the org without being prompted; you must have previously set the SFDX_ACCESS_TOKEN environment variable to + the access token: -``` -USAGE - $ sfdx auth:jwt:grant -u -f -i [-r ] [-d] [-s] [-a ] [--json] - [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:access-token --instance-url https://dev-hub.my.salesforce.com --no-prompt -FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -f, --jwtkeyfile= (required) path to a file containing - the private key - -i, --clientid= (required) OAuth client ID - (sometimes called the consumer key) - -r, --instanceurl= the login URL of the instance the - org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - -u, --username= (required) authentication username - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation +FLAG DESCRIPTIONS + -r, --instance-url= URL of the instance that the org lives on. -DESCRIPTION - authorize an org using the JWT flow - - Use a certificate associated with your private key that has been uploaded to a personal connected app. - - If you specify an --instanceurl value, this value overrides the sfdcLoginUrl value in your sfdx-project.json file. To - specify a My Domain URL, use the format MyDomainName.my.salesforce.com (not MyDomainName.lightning.force.com). To - specify a sandbox, set --instanceurl to https://MyDomainName--SandboxName.sandbox.my.salesforce.com. - -ALIASES - $ sfdx force:auth:jwt:grant - -EXAMPLES - $ sfdx auth:jwt:grant -u me@my.org -f -i + If you specify an --instance-url value, this value overrides the sfdcLoginUrl value in your sfdx-project.json file. - $ sfdx auth:jwt:grant -u me@my.org -f -i -s -a MyDefaultOrg + To specify a My Domain URL, use the format https://yourcompanyname.my.salesforce.com. - $ sfdx auth:jwt:grant -u me@acme.org -f -i -r https://acme.my.salesforce.com + To specify a sandbox, set --instance-url to https://MyDomainName--SandboxName.sandbox.my.salesforce.com. ``` -_See code: [src/commands/auth/jwt/grant.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/jwt/grant.ts)_ +_See code: [src/commands/org/login/access-token.ts](https://github.com/salesforcecli/plugin-auth/blob/2.8.18/src/commands/org/login/access-token.ts)_ -## `sfdx auth:list [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` +## `sfdx org:login:device` -list auth connection information +Authorize an org using a device code. ``` USAGE - $ sfdx auth:list [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:device [--json] [-i ] [-r ] [-d] [-s] [-a ] FLAGS - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + -a, --alias= Alias for the org. + -d, --set-default-dev-hub Set the authenticated org as the default Dev Hub. + -i, --client-id= OAuth client ID (also called consumer key) of your custom connected app. + -r, --instance-url= URL of the instance that the org lives on. + -s, --set-default Set the authenticated org as the default that all org-related commands run against. + +GLOBAL FLAGS + --json Format output as json. DESCRIPTION - list auth connection information + Authorize an org using a device code. -ALIASES - $ sfdx force:auth:list -``` + Use this command to allow a device to connect to an org. -_See code: [src/commands/auth/list.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/list.ts)_ + When you run this command, it first displays an 8-digit device code and the URL for verifying the code on your org. + The default instance URL is https://login.salesforce.com, so if the org you're authorizing is on a different instance, + use the --instance-url. The command waits while you complete the verification. Open a browser and navigate to the + displayed verification URL, enter the code, then click Connect. If you aren't already logged into your org, log in, + and then you're prompted to allow the device to connect to the org. After you successfully authorize the org, you can + close the browser window. -## `sfdx auth:logout [-a] [-p] [-u ] [--apiversion ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` +ALIASES + $ sfdx force:auth:device:login + $ sfdx auth:device:login -log out from authorized orgs +EXAMPLES + Authorize an org using a device code, give the org the alias TestOrg1, and set it as your default Dev Hub org: -``` -USAGE - $ sfdx auth:logout [-a] [-p] [-u ] [--apiversion ] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:device --set-default-dev-hub --alias TestOrg1 -FLAGS - -a, --all include all authenticated orgs - -p, --noprompt do not prompt for confirmation - -u, --targetusername= username or alias for the target - org; overrides default target org - --apiversion= override the api version used for - api requests made by this command - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + Authorize an org in which you've created a custom connected app with the specified client ID (consumer key): -DESCRIPTION - log out from authorized orgs + $ sfdx org:login:device --client-id - By default, this command logs you out from your default scratch org. + Authorize a sandbox org with the specified instance URL: -ALIASES - $ sfdx force:auth:logout + $ sfdx org:login:device --instance-url https://MyDomainName--SandboxName.sandbox.my.salesforce.com -EXAMPLES - $ sfdx auth:logout -u me@my.org +FLAG DESCRIPTIONS + -r, --instance-url= URL of the instance that the org lives on. + + If you specify an --instance-url value, this value overrides the sfdcLoginUrl value in your sfdx-project.json file. - $ sfdx auth:logout -a + To specify a My Domain URL, use the format https://yourcompanyname.my.salesforce.com. - $ sfdx auth:logout -p + To specify a sandbox, set --instance-url to https://MyDomainName--SandboxName.sandbox.my.salesforce.com. ``` -_See code: [src/commands/auth/logout.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/logout.ts)_ +_See code: [src/commands/org/login/device.ts](https://github.com/salesforcecli/plugin-auth/blob/2.8.18/src/commands/org/login/device.ts)_ -## `sfdx auth:sfdxurl:store -f [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` +## `sfdx org:login:jwt` -authorize an org using an SFDX auth URL stored within a file +Log in to a Salesforce org using a JSON web token (JWT). ``` USAGE - $ sfdx auth:sfdxurl:store -f [-d] [-s] [-a ] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:jwt -o -f -i [--json] [-r ] [-d] [-s] [-a ] FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -f, --sfdxurlfile= (required) path to a file containing - the sfdx url - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + -a, --alias= Alias for the org. + -d, --set-default-dev-hub Set the authenticated org as the default Dev Hub. + -f, --jwt-key-file= (required) Path to a file containing the private key. + -i, --client-id= (required) OAuth client ID (also called consumer key) of your custom connected app. + -o, --username= (required) Username of the user logging in. + -r, --instance-url= URL of the instance that the org lives on. + -s, --set-default Set the authenticated org as the default that all org-related commands run against. + +GLOBAL FLAGS + --json Format output as json. DESCRIPTION - authorize an org using an SFDX auth URL stored within a file + Log in to a Salesforce org using a JSON web token (JWT). - The SFDX auth URL must have the format "force://::@". NOTE: The - SFDX auth URL uses the "force" protocol, and not "http" or "https". Also, the "instanceUrl" inside the SFDX auth URL - doesn't include the protocol ("https://"). + Use this command in automated environments where you can’t interactively log in with a browser, such as in CI/CD + scripts. - You have three options when creating the auth file. The easiest option is to redirect the output of the `sfdx - force:org:display --verbose --json` command into a file. For example, using an org you have already authorized: + Logging into an org authorizes the CLI to run other commands that connect to that org, such as deploying or retrieving + a project. You can log into many types of orgs, such as sandboxes, Dev Hubs, Env Hubs, production orgs, and scratch + orgs. - $ sfdx force:org:display -u --verbose --json > authFile.json + Complete these steps before you run this command: - $ sfdx auth:sfdxurl:store -f authFile.json + 1. Create a digital certificate (also called digital signature) and the private key to sign the certificate. You can + use your own key and certificate issued by a certification authority. Or use OpenSSL to create a key and a self-signed + digital certificate. + 2. Store the private key in a file on your computer. When you run this command, you set the --jwt-key-file flag to + this file. + 3. Create a custom connected app in your org using the digital certificate. Make note of the consumer key (also called + client id) that’s generated for you. Be sure the username of the user logging in is approved to use the connected app. + When you run this command, you set the --client-id flag to the consumer key. - The resulting JSON file contains the URL in the sfdxAuthUrl property inside of a results object. NOTE: The - `force:org:display --verbose` command displays the refresh token only for orgs authorized with the web server flow, - and not the JWT bearer flow. + See https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_auth_jwt_flow.htm for more + information. - You can also create a JSON file that has a top-level property named sfdxAuthUrl whose value is the auth URL. Finally, - you can create a normal text file that includes just the URL and nothing else. + We recommend that you set an alias when you log into an org. Aliases make it easy to later reference this org when + running commands that require it. If you don’t set an alias, you use the username that you specified when you logged + in to the org. If you run multiple commands that reference the same org, consider setting the org as your default. Use + --set-default for your default scratch org or sandbox, or --set-default-dev-hub for your default Dev Hub. ALIASES - $ sfdx force:auth:sfdxurl:store + $ sfdx force:auth:jwt:grant + $ sfdx auth:jwt:grant EXAMPLES - $ sfdx auth:sfdxurl:store -f + Log into an org with username jdoe@example.org and on the default instance URL (https://login.salesforce.org). The + private key is stored in the file /Users/jdoe/JWT/server.key and the command uses the connected app with consumer + key (client id) 04580y4051234051. - $ sfdx auth:sfdxurl:store -f -s -a MyDefaultOrg -``` + $ sfdx org:login:jwt --username jdoe@example.org --jwt-key-file /Users/jdoe/JWT/server.key --client-id \ + 04580y4051234051 -_See code: [src/commands/auth/sfdxurl/store.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/sfdxurl/store.ts)_ + Set the org as the default and give it an alias: -## `sfdx auth:web:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` + $ sfdx org:login:jwt --username jdoe@example.org --jwt-key-file /Users/jdoe/JWT/server.key --client-id \ + 04580y4051234051 --alias ci-org --set-default -authorize an org using the web login flow - -``` -USAGE - $ sfdx auth:web:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + Set the org as the default Dev Hub and give it an alias: -FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -i, --clientid= OAuth client ID (sometimes called - the consumer key) - -r, --instanceurl= the login URL of the instance the - org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + $ sfdx org:login:jwt --username jdoe@example.org --jwt-key-file /Users/jdoe/JWT/server.key --client-id \ + 04580y4051234051 --alias ci-dev-hub --set-default-dev-hub -DESCRIPTION - authorize an org using the web login flow + Log in to a sandbox using URL https://MyDomainName--SandboxName.sandbox.my.salesforce.com: - If you specify an --instanceurl value, this value overrides the sfdcLoginUrl value in your sfdx-project.json file. To - specify a My Domain URL, use the format MyDomainName.my.salesforce.com (not MyDomainName.lightning.force.com). To log - in to a sandbox, set --instanceurl to https://MyDomainName--SandboxName.sandbox.my.salesforce.com. + $ sfdx org:login:jwt --username jdoe@example.org --jwt-key-file /Users/jdoe/JWT/server.key --client-id \ + 04580y4051234051 --alias ci-org --set-default --instance-url \ + https://MyDomainName--SandboxName.sandbox.my.salesforce.com -ALIASES - $ sfdx force:auth:web:login +FLAG DESCRIPTIONS + -r, --instance-url= URL of the instance that the org lives on. -EXAMPLES - $ sfdx auth:web:login -a TestOrg1 + If you specify an --instance-url value, this value overrides the sfdcLoginUrl value in your sfdx-project.json file. - $ sfdx auth:web:login -i + To specify a My Domain URL, use the format https://yourcompanyname.my.salesforce.com. - $ sfdx auth:web:login -r https://MyDomainName--SandboxName.sandbox.my.salesforce.com + To specify a sandbox, set --instance-url to https://MyDomainName--SandboxName.sandbox.my.salesforce.com. ``` -_See code: [src/commands/auth/web/login.ts](https://github.com/salesforcecli/plugin-auth/blob/v2.2.2/src/commands/auth/web/login.ts)_ +_See code: [src/commands/org/login/jwt.ts](https://github.com/salesforcecli/plugin-auth/blob/2.8.18/src/commands/org/login/jwt.ts)_ -## `sfdx force:auth:accesstoken:store -r [-d] [-s] [-a ] [-p] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` +## `sfdx org:login:sfdx-url` -authorize an org using an existing Salesforce access token +Authorize an org using a Salesforce DX authorization URL stored in a file. ``` USAGE - $ sfdx force:auth:accesstoken:store -r [-d] [-s] [-a ] [-p] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:sfdx-url -f [--json] [-d] [-s] [-a ] FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -p, --noprompt do not prompt for confirmation - -r, --instanceurl= (required) the login URL of the - instance the org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation - -DESCRIPTION - authorize an org using an existing Salesforce access token + -a, --alias= Alias for the org. + -d, --set-default-dev-hub Set the authenticated org as the default Dev Hub. + -f, --sfdx-url-file= (required) Path to a file that contains the Salesforce DX authorization URL. + -s, --set-default Set the authenticated org as the default that all org-related commands run against. - By default, the command runs interactively and asks you for the access token. If you previously authorized the org, - the command prompts whether you want to overwrite the local file. Specify --noprompt to not be prompted. - - To use the command in a CI/CD script, set the SFDX_ACCESS_TOKEN environment variable to the access token. Then run the - command with the --noprompt parameter. "!" - -ALIASES - $ sfdx force:auth:accesstoken:store - -EXAMPLES - $ sfdx auth:accesstoken:store --instanceurl https://mycompany.my.salesforce.com +GLOBAL FLAGS + --json Format output as json. - $ export SFDX_ACCESS_TOKEN=00Dxx0000000000!xxxxx +DESCRIPTION + Authorize an org using a Salesforce DX authorization URL stored in a file. - $ sfdx auth:accesstoken:store --instanceurl https://dev-hub.my.salesforce.com --noprompt -``` + The Salesforce DX (SFDX) authorization URL must have the format + "force://::@". NOTE: The SFDX authorization URL uses the "force" + protocol, and not "http" or "https". Also, the "instanceUrl" inside the SFDX authorization URL doesn't include the + protocol ("https://"). -## `sfdx force:auth:device:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` + You have three options when creating the authorization file. The easiest option is to redirect the output of the "sfdx + org display --verbose --json" command into a file. For example, using an org with alias my-org that you've already + authorized: -authorize an org using a device code + $ sfdx org display --target-org my-org --verbose --json > authFile.json -``` -USAGE - $ sfdx force:auth:device:login [-i ] [-r ] [-d] [-s] [-a ] [--json] [--loglevel - trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + The resulting JSON file contains the URL in the "sfdxAuthUrl" property of the "result" object. You can then reference + the file when running this command: -FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -i, --clientid= OAuth client ID (sometimes called - the consumer key) - -r, --instanceurl= the login URL of the instance the - org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + $ sfdx org:login:sfdx-url --sfdx-url-file authFile.json -DESCRIPTION - authorize an org using a device code + NOTE: The "sfdx org display --verbose" command displays the refresh token only for orgs authorized with the web server + flow, and not the JWT bearer flow. - You must open a browser, navigate to the verification URL, and enter the code. Log in, if not already logged in, and - you’ll be prompted to allow the device to connect to the org. + You can also create a JSON file that has a top-level property named sfdxAuthUrl whose value is the authorization URL. + Finally, you can create a normal text file that includes just the URL and nothing else. ALIASES - $ sfdx force:auth:device:login + $ sfdx force:auth:sfdxurl:store + $ sfdx auth:sfdxurl:store EXAMPLES - $ sfdx auth:device:login -d -a TestOrg1 + Authorize an org using the SFDX authorization URL in the files/authFile.json file: + + $ sfdx org:login:sfdx-url --sfdx-url-file files/authFile.json - $ sfdx auth:device:login -i + Similar to previous example, but set the org as your default and give it an alias MyDefaultOrg: - $ sfdx auth:device:login -r https://MyDomainName--SandboxName.sandbox.my.salesforce.com + $ sfdx org:login:sfdx-url --sfdx-url-file files/authFile.json --set-default --alias MyDefaultOrg ``` -## `sfdx force:auth:jwt:grant -u -f -i [-r ] [-d] [-s] [-a ] [--json] [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]` +_See code: [src/commands/org/login/sfdx-url.ts](https://github.com/salesforcecli/plugin-auth/blob/2.8.18/src/commands/org/login/sfdx-url.ts)_ -authorize an org using the JWT flow +## `sfdx org:login:web` + +Log in to a Salesforce org using the web server flow. ``` USAGE - $ sfdx force:auth:jwt:grant -u -f -i [-r ] [-d] [-s] [-a ] [--json] - [--loglevel trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL] + $ sfdx org:login:web [--json] [-b chrome|edge|firefox] [-i ] [-r ] [-d] [-s] [-a ] FLAGS - -a, --setalias= set an alias for the authenticated - org - -d, --setdefaultdevhubusername set the authenticated org as the - default dev hub org for scratch org - creation - -f, --jwtkeyfile= (required) path to a file containing - the private key - -i, --clientid= (required) OAuth client ID - (sometimes called the consumer key) - -r, --instanceurl= the login URL of the instance the - org lives on - -s, --setdefaultusername set the authenticated org as the - default username that all commands - run against - -u, --username= (required) authentication username - --json format output as json - --loglevel=(trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL) [default: warn] logging level for - this command invocation + -a, --alias= Alias for the org. + -b, --browser=