When accessing the web console from a browser at <master_public_addr>:8443, you are automatically redirected to a login page.
Review the browser versions and operating systems that can be used to access the web console.
You can provide your login credentials on this page to obtain a token to make API calls. After logging in, you can navigate your projects using the web console.
You can authenticate from the command line using the CLI command
You can get started with the CLI by
running this command
without any options:
$ oc login
The command’s interactive flow helps you establish a session to an OKD server with the provided credentials. If any information required to successfully log in to an OKD server is not provided, the command prompts for user input as required. The configuration is automatically saved and is then used for every subsequent command.
All configuration options for the
oc login command, listed in the
--help command output, are optional. The following example shows usage with
some common options:
$ oc login [-u=<username>] \ [-p=<password>] \ [-s=<server>] \ [-n=<project>] \ [--certificate-authority=</path/to/file.crt>|--insecure-skip-tls-verify]
The following table describes these common options:
$ oc login -s=<server>
Specifies the host name of the OKD server. If a server is provided through this flag, the command does not ask for it interactively. This flag can also be used if you already have a CLI configuration file and want to log in and switch to another server.
$ oc login -u=<username> -p=<password>
Allows you to specify the credentials to log in to the OKD server. If user name or password are provided through these flags, the command does not ask for it interactively. These flags can also be used if you already have a configuration file with a session token established and want to log in and switch to another user name.
$ oc login -u=<username> -p=<password> -n=<project>
A global CLI option which, when used with
$ oc login --certificate-authority=<path/to/file.crt>
Correctly and securely authenticates with an OKD server that uses HTTPS. The path to a certificate authority file must be provided.
$ oc login --insecure-skip-tls-verify
Allows interaction with an HTTPS server bypassing the server
certificate checks; however, note that it is not secure. If you try to
CLI configuration files allow you to easily manage multiple CLI profiles.
If you have access to administrator credentials but are no longer logged in as the default system user system:admin, you can log back in as this user at any time as long as the credentials are still present in your CLI configuration file. The following command logs in and switches to the default project:
$ oc login -u system:admin -n default