Request an authentication token for deployments

To securely deploy your code, request an authentication token for the deployment user.

The default lifetime for authentication tokens is one hour. You can use the Override default expiry permission set to change the token lifetime to a duration better suited for a long-running, automated process.

Use the puppet-access command to generate the authentication token.

  1. From the command line on the primary server, run puppet-access login --lifetime 180d. This command requests the token and sets the token lifetime to 180 days.
    You can specify additional settings in this command, such as the token file's location or your RBAC API URL, as explained in Configuration file settings for puppet-access.
  2. Enter the deployment user's username and password when prompted.
Results

The generated token is stored in a file for later use. The default token storage location is ~/.puppetlabs/token. You can run puppet-access show to view the token.

What to do next

Test the connection to the control repo.

Related information