Please contribute additional examples for your favored platform or password manager.
Notes:
- You need to set
OKTA_BROWSER_AUTH=falsein order for this to work. - You need version 2.0.4 or greater of the
Okta AWS CLI Assume Role tool.
- Create password entry
security add-generic-password -a $OKTA_USERNAME -s okta-aws-cli -T /usr/bin/security -U - Launch
KeyChain Accessand search for okta-aws-cli, enter the password and save the changes.
- Set OKTA_PASSWORD_CMD to
security find-generic-password -a $OKTA_USERNAME -s okta-aws-cli -w
Example: GNU/Linux GNOME Keyring
- Check if you have installed the
secret-toolcommand. In Debian is included in thelibsecret-toolspackage, so you can install it withapt:sudo apt install libsecret-tools
- Create a new entry in your Login Keyring (you will be asked for your password):
secret-tool store --label='Okta Credentials' okta:username $OKTA_USERNAME
- Set
OKTA_PASSWORD_CMDto:secret-tool lookup okta:username $OKTA_USERNAME
- Type the following into a PowerShell command
(Get-Credential).password | ConvertFrom-SecureString | Set-Content "$env:USERPROFILE\.okta\.password" - Type in your credentials into the resulting popup, PowerShell will encrypt your password using your user profile (Windows Data Protection API) and store it in a file named
.passwordin$env:USERPROFILE\.okta\
- Set
OKTA_USERNAMEif it is not already set - Set
OKTA_PASSWORD_CMDto:OKTA_PASSWORD_CMD=@echo off & for /f \"usebackq tokens=*\" %a in (`PowerShell -Command \"(New-Object System.Management.Automation.PSCredential ($env:UserName, (Get-Content $env:USERPROFILE\\.okta\\.password | ConvertTo-SecureString))).GetNetworkCredential().Password\"`) do echo %a
- Not recommended but if you're stuck/desperate it works
- Add a
echo "XXXX"to the~/.okta/config.propertiesfile for your password
OKTA_PASSWORD_CMD=echo "mypassword"- Install LassPass' CLI tool, lpass
- Store your password in LassPass, making note of the entries path in your hierarchy
- Create an entry in
~/.okta/config
OKTA_PASSWORD_CMD=lpass show --password mysite.com