...
- initialise his OIDC client's name
- insert IAM URL (e.g. https://iam-t1-computing.cloud.cnaf.infn.it/)
- when a web page for authentication opens, enter the credentials of the IAM account
- authorise the new client
- insert set a password for your client's password twice, by typing it twice on the terminal prompt.
For example:
| Code Block | ||||
|---|---|---|---|---|
| ||||
[ashtimmerman@ui-tier1 ~]$ oidc-gen -w device axy [1] https://iam-t1-computing.cloud.cnaf.infn.it/ [...] Issuer [https://iam-t1-computing.cloud.cnaf.infn.it/]: The following scopes are supported: openid profile email address phone offline_access eduperson_scoped_affiliation eduperson_entitlement eduperson_assurance entitlements wlcg.groups compute.read compute.create compute.cancel compute.modify storage.read storage.create storage.modify storage.stage Scopes or 'max' (space separated) [openid profile offline_access]: compute.read compute.create compute.cancel compute.modify openid profile offline_access Registering Client ... Generating account configuration ... accepted Using a browser on any device, visit: https://iam-t1-computing.cloud.cnaf.infn.it/device And enter the code: REDACTED Alternatively you can use the following QR code to visit the above listed URL. Enter encryption password for account configuration <client_name>: Confirm encryption password: Everything setup correctly! |
...