mc idp openid accesskey ls
The mc idp openid accesskey ls
displays a list of OIDC access key pairs.
mc idp openid accesskey ls
is also known as mc idp openid accesskey list
.
This command works against access keys created by an OIDC user after authenticating to AIStor.
Authenticated users can manage their own long-term Access Keys using the AIStor Console. AIStor supports using AssumeRoleWithWebIdentity to generate temporary access keys using the Security Token Service.
Example and Syntax
Copy the example to a text editor and modify as needed before running the command in the terminal/shell.
Parameters
ALIAS
Required
The alias of the AIStor deployment configured for OIDC integration.
For example:
mc idp openid accesskey ls minio
--all
Optional
List all access keys for all OIDC users.
--self
Optional
List access keys for the currently authenticated user.
--svcacc-only
Optional
Output only service account access keys.
Mutually exclusive with --temp-only
.
--temp-only
Optional
Output only temporary access keys.
Mutually exclusive with --svcacc-only
.
--users-only
Optional
Output only the OIDC user IDs.
Examples
List All Access Keys
To return a list of all access keys, you must first authenticate as the admin
user.
Once authenticated, the following command returns all OIDC access keys on the minio
deployment.
mc idp openid accesskey ls minio
If the user does not have the admin:ListUsers
permission, the command returns a list of access keys for the authenticated user only.
List Temporary Access Keys
To return a list of all temporary access keys for a deployment, you must first authenticate as a user with the admin:ListUsers
permission.
Once authenticated, the following command outputs a list of user IDs with their associated temporary access keys.
mc idp oidc accesskey ls minio --temp-only
List Access Keys for Authenticated User
The following command returns the OIDC access keys for the currently authenticated user on the minio
deployment.
mc idp oidc accesskey list minio
If the authenticated user has the admin:ListUsers
permission, the command returns a list of all users and access keys on the deployment.
Global Flags
This command supports any of the global flags.
Behavior
S3 Compatibility
The mc
command line tool is built for compatibility with the AWS S3 API and is tested with AIStor and AWS S3 for expected functionality and behavior.
AIStor provides no guarantees for other S3-compatible services, because their S3 API implementation is unknown and therefore unsupported.
While mc
commands may work as documented, any such usage is at your own risk.