lbcli create auth-map-entry

Creates a new auth-map-entry.

Synopsis

This is step three of a three-step operation, mapping an identity provider (IdP) to a Lightbits authorization engine scope and role.

The required steps for using IdP are:

Step 1: Create an idp-configuration, configuring an IdP cluster to work with.
Step 2: Create an idp-client-configuration, specifying the app/user mode of operation for a specific client.
Step 3: Create an auth-map-entry, mapping the identifier (client ID or group information) to a Lightbits scope/role.

Bash
    
 
lbcli create auth-map-entry [flags]
Copy

Examples:

Bash
    
lbcli -J $JWT create auth-map-entry --name monitoring-service-app --scope system --role viewer --identifier 037d735c-5d9b-4976-9fc1-11e5a9bd00bd --idp-configuration-name idp1lbcli -J $JWT create auth-map-entry --name DevSecGroup --scope system --role cluster-admin --identifier DevSec --idp-configuration-name idp1
Copy

Flag	Short	Type	Description
--help	-h	bool	Help for auth-map-entry.
--identifier		string	The identifier of the entry (can be client-id/group-name) (required).
--name		string	The name of the entry to save in the Lightbits cluster (required).
--idp-configuration-name		string	The name of the IdP configuration to use for this entry.
--role		string	The role of the group in the Lightbits cluster (required). For example, viewer.
--scope		string	The scope of the group in the Lightbits cluster (required). For example, system.

Last updated on

Was this page helpful?