diff --git a/website/content/docs/api-clients/cli.mdx b/website/content/docs/api-clients/cli.mdx index 7bc9f6b917..f029cae1c5 100644 --- a/website/content/docs/api-clients/cli.mdx +++ b/website/content/docs/api-clients/cli.mdx @@ -32,9 +32,8 @@ The following shows use of the [`-addr`](/boundary/docs/api-clients/cli#addr) fl ```shell-session $ boundary authenticate password \ - -addr=https://boundary.example.com:9200 - -auth-method-id=ampw_1234567890 \ - -login-name=admin + -addr=https://boundary.example.com:9200 \ + -auth-method-id=ampw_1234567890 ``` Instead of specifying the `-addr` flag for every command, you can set an environment variable `BOUNDARY_ADDR=https://boundary.controller.com:9200`. diff --git a/website/content/docs/common-workflows/manage-users-groups.mdx b/website/content/docs/common-workflows/manage-users-groups.mdx index 0d95837d3a..ed34be00c7 100644 --- a/website/content/docs/common-workflows/manage-users-groups.mdx +++ b/website/content/docs/common-workflows/manage-users-groups.mdx @@ -283,7 +283,7 @@ Now you can test logging in. ```bash -$ boundary authenticate password -login-name myuser -auth-method-id ampw_PbE6nNT72a +$ boundary authenticate password -auth-method-id ampw_PbE6nNT72a ``` diff --git a/website/content/docs/common-workflows/workflow-ssh-proxycommand.mdx b/website/content/docs/common-workflows/workflow-ssh-proxycommand.mdx index 556f5ad964..502534c6db 100644 --- a/website/content/docs/common-workflows/workflow-ssh-proxycommand.mdx +++ b/website/content/docs/common-workflows/workflow-ssh-proxycommand.mdx @@ -33,10 +33,11 @@ the local Boundary proxy in a wrapped netcat session, passing in the target ID a ## Authenticate to Boundary Before `ssh` can invoke `boundary connect` you need to authenticate. In this example, we're using `boundary dev` with the -default username (admin) and password (password): +default username (admin) and password (password), and because this auth method is the primary that resides in the global +scope, we can use the short form of the authenticate command with no extra flags: ```bash -$ boundary authenticate password -login-name=admin -auth-method-id=ampw_1234567890 +$ boundary authenticate ``` ## SSH to Target @@ -117,7 +118,7 @@ Before `ssh` can invoke `boundary connect` you need to authenticate. In this exa default username (admin) and password (password): ```bash -$ boundary authenticate password -login-name=admin -auth-method-id=ampw_1234567890 +$ boundary authenticate ``` ## Authorize the Session diff --git a/website/content/docs/getting-started/deploy-and-login.mdx b/website/content/docs/getting-started/deploy-and-login.mdx index d63a68c47f..27a94c285c 100644 --- a/website/content/docs/getting-started/deploy-and-login.mdx +++ b/website/content/docs/getting-started/deploy-and-login.mdx @@ -88,15 +88,9 @@ instance, and click **Authenticate**. instance's Global scope via the web UI. This is the default scope for all new Boundary clusters. -1. Click **Auth Methods**. - -1. Click the **copy icon** for the Password **Auth Method ID**. The ID is needed to -authenticate to HCP Boundary using the CLI. - - 1. In the HCP Boundary portal, open the **Boundary Overview** page, and click the **copy icon** in the **Copy this into Boundary Desktop** section. This copies your environment’s Boundary **Cluster URL**. @@ -104,18 +98,26 @@ copies your environment’s Boundary **Cluster URL**. 1. Open a terminal session and set the `BOUNDARY_ADDR` environment variable to the copied Cluster URL. -```shell-session -$ export BOUNDARY_ADDR= -``` + ```shell-session + $ export BOUNDARY_ADDR= + ``` 1. Log in with the administrator credentials you created when you deployed the HCP Boundary instance. -```shell-session -$ boundary authenticate password \ - -auth-method-id= \ - -login-name= -``` + ```shell-session + $ boundary authenticate + Please enter the login name (it will be hidden): + Please enter the password (it will be hidden): + + Authentication information: + Account ID: acctpw_VOeNSFX8pQ + Auth Method ID: ampw_wxzojlKJLN + Expiration Time: Mon, 13 Feb 2023 12:35:32 MST + User ID: u_1vUkf5fPs9 + + The token was successfully stored in the chosen keyring and is not displayed here. + ``` You are now logged into your HCP Boundary instance's Global scope via the CLI. This is the default scope for all new Boundary clusters. diff --git a/website/content/docs/oss/installing/no-gen-resources.mdx b/website/content/docs/oss/installing/no-gen-resources.mdx index 7ec6159244..2ea1081544 100644 --- a/website/content/docs/oss/installing/no-gen-resources.mdx +++ b/website/content/docs/oss/installing/no-gen-resources.mdx @@ -480,8 +480,7 @@ resource "boundary_role" "project_admin" { ### Login as Your New User -```bash +```shell-session boundary authenticate password \ - -auth-method-id \ - -login-name myuser + -auth-method-id ``` diff --git a/website/content/docs/oss/installing/run-and-login.mdx b/website/content/docs/oss/installing/run-and-login.mdx index 0ee18d5751..2641744cff 100644 --- a/website/content/docs/oss/installing/run-and-login.mdx +++ b/website/content/docs/oss/installing/run-and-login.mdx @@ -9,7 +9,7 @@ description: |- To start Boundary in dev mode: -```bash +```shell-session $ boundary dev ``` @@ -17,16 +17,16 @@ $ boundary dev Boundary uses a predictable login name (`admin`) and password (`password`) in dev mode. These can be overridden, or randomly generated, with flags to -`boundary dev`. +`boundary dev`. The auth method resource in the global scope is set as the primary auth method for that scope. This allows you to omit the auth method ID when authenticating, enabling the short-form `boundary authenticate`: -``` -$ boundary authenticate password \ - -login-name=admin \ - -auth-method-id=ampw_1234567890 +```shell-session +$ boundary authenticate +Please enter the login name (it will be hidden): +Please enter the password (it will be hidden): ``` If you are on Windows or macOS, the system password store will be used to store