Personal Access Tokens
You can use Personal Access Tokens instead of OAuth to authenticate with Okteto.
Personal Access Tokens are useful when scripting, or when configuring Preview Environments.
Creating a Personal Access Token
- Sign in to your Okteto account.
- Click on the Settings icon on the navigation bar at the left.
- Click on the New Token button.
- Give your token a descriptive name and click the Generate button.
- Copy the token to your clipboard. For security reasons, after you navigate off the page, you will not see the token again.
Warning: Treat your tokens like passwords and keep them secret. Always use tokens as environment variables instead of hardcoding them into your programs.
Token Expiration
Personal Access Tokens are valid for 180 days. When a token has expired, it can no longer be used to authenticate and for API requests. It is not possible to restore an expired, you will need to create a new token.
A banner will be displayed a week before your token expires to remind you of this. We recommend that you take the appropriate measures once you see this banner in order to prevent any potential disruptions.
The state and expiration date of every token will be displayed in the UI.
Using a Token on the Command Line
Once you have a token, you can use it to authenticate with the Okteto CLI instead of using your browser, as shown below:
$ okteto context use https://okteto.example.com --token $YOUR_TOKEN
Personal Access Tokens can also be used when setting the OKTETO_TOKEN
environment variable.
$ export OKTETO_TOKEN=xxxxxxx
$ okteto namespace create test-cindylopez
Revoking a Personal Access Token
- Sign in to your Okteto account.
- Click on the settings icon on the left tab.
- Click on the Delete button.
- Click on the Delete Token button to confirm that you want to delete your token.
Once deleted, the token is automatically revoked, and it can't be recovered.