Releases: centrify/centrifycli
v1.0.7.0 - Support Access Tokens from Interactive Authentication
This release adds support for re-using access tokens, if present, in a successful response from interactive authentication.
Extract Values
Adds -x or --extract to retrieve only the desired JSON value or array.
Saves Machine Scope in the configuration file.
New Build: 28 Jan 2021. Fixes -ms missing.
v1.0.5.0 - Official
Official Release v1.0.5.0
This release includes the following improvements and features:
- Delegated Machine Credentials support (-m)
- Single binary executable for easy distribution and automation using built in dotnetcore 3.1 runtime
- Interactive MFA support (when not using OAuth2 token)
- If password required by not provided by -pw you will be prompted to enter it interactively (masked)
- The bootstrap command for quickly configuring service side requirements from within the CLI itself
- If connection fails, include inner exception detail in error output
Delegated Machine Credentials Support
Note that for this feature to work, a version of the Centrify Cloud Client with DMC support is also required. Client support for this starts with the corresponding 20.3 release.
Bootstrap Command
The new bootstrap command allows for quickly configuring the service side requirements from within the CLI itself. Example:
$ ccli bootstrap -u myuser@something.com -url https://tenant.my.centrify.net
This will prompt the calling user to MFA (user must be a sysadmin or have app creation privileges), then automatically execute the steps detailed in: https://github.com/centrify/centrifycli/wiki/Configuring-Centrify-Service-OAuth-for-Centrify-CLI
By default the application is configured to allow all API's to be called (i.e. scope regex of '.*'), and give access to the CLI app to the sysadmin role only. These can be overridden during bootstrap with the -breg and -br arguments respectively:
$ ccli bootstrap -u myuser@something.com -url https://tenant.my.centrify.net -breg UserMgmt/* -br MyRole
This command will create (or update if it exists) the application then add permission for the MyRole role and set the ccli scope regex list to UserMgmt/*
The bootstrap command will also generate an initial token (good for 1 hour) for the calling user.
v1.0.4.0-preview
Pre-release which builds on the functionality added in 1.0.3.0-preview with output of inner exception messages on error.
v1.0.3.0-preview
Pre-release which builds on the functionality added in 1.0.2.0-preview with:
- Use of dotnet core 3.1 LTS runtime
- Executables built as single self-contained file for easier distribution/deployment
- Linux friendly tarball instead of zip for binary release
v1.0.2.0-preview
Pre-release which adds experimental support for:
- Interactive MFA support (when not using OAuth2 tokens)
- New faster initial setup with "Bootstrap" command
- If password required but not provided by -pw you will be prompted to enter it interactively (masked)
The new bootstrap command allows for quickly configuring the service side requirements from within the CLI itself. Example:
$ ccli bootstrap -u myuser@something.com -url https://tenant.my.centrify.net
This will prompt the calling user to MFA (user must be a sysadmin or have app creation privileges), then automatically execute the steps detailed in: https://github.com/centrify/centrifycli/wiki/Configuring-Centrify-Service-OAuth-for-Centrify-CLI
By default the application is configured to allow all API's to be called (i.e. scope regex of '.*'), and give access to the CLI app to the sysadmin role only. These can be overridden during bootstrap with the -breg and -br arguments respectively:
$ ccli bootstrap -u myuser@something.com -url https://tenant.my.centrify.net -breg UserMgmt/* -br MyRole
This command will create (or update if it exists) the application then add permission for the MyRole role and set the ccli scope regex list to UserMgmt/*
The bootstrap command will also generate an initial token (good for 1 hour) for the calling user.
v1.0.1.0
Initial release, including standalone publish for Windows, Linux, and OsX