packages: use common overlay structure that vcsserver uses.

marcink - - Load All Authors

File last commit:

r2656:f7a8197c default


                r3140:00e2e53b

default

Download file

             auth-token.rst
        
                    76 lines
            
             | 2.6 KiB
            
                | text/x-rst
            
             |
                RstLexer

/ docs / auth / auth-token.rst

History | Annotation | Raw |Copy content |Copy permalink

Authentication Tokens

|RCE| has 4 different kinds of authentication tokens.

API tokens: API tokens can only be used to execute |RCE| API operations. You can store your API token and assign it to each instance in the :file:`/home/{user}/.rhoderc` file. See the example in :ref:`indexing-ref` section for more details.
Feed tokens: The feed token can only be used to access the RSS feed.

Usually those are safe to store inside your RSS feed reader.
VCS tokens: You can use these to authenticate with |git|, |hg| and |svn| operations instead of a password. They are designed to be used with CI Servers or other third party tools that require |repo| access. They are also a good replacement for SSH based access. To use these tokens you need be enabled special authentication method on |RCE|, as they are disabled by default. See :ref:`enable-vcs-tokens`.
Web Interface tokens: These token allows users to access the web interface of |RCE| without logging in.

You can add these tokens to an |RCE| server url, to expose the page content based on the given token.

This is useful to integrate 3rd party systems, good example is to expose raw diffs to another code-review system without having to worry about authentication.

These tokens only work if a certain view is whitelisted under api_access_controllers_whitelist inside the :file:`rhodecode.ini` file.

# To download a repo without logging into Web UI
https://rhodecode.com/repo/archive/tip.zip?auth_token=<web-api-token>

# To show commit diff without logging into Web UI
https://rhodecode.com/repo/changeset-diff/<sha>?auth_token=<web-api-token>

Enabling VCS Tokens

To enable VCS Tokens, use the following steps:

Go to :menuselection:`Admin --> Authentication`.
Enable the rhodecode.lib.auth_modules.auth_token plugin.
Click :guilabel:`Save`.

Authentication Token Tips

Use Authentication Tokens instead of your password with external services.
Create multiple Authentication Tokens on your account to enable access to your |repos| with a different |authtoken| per method used.
Set an expiry limit on certain tokens if you think it would be a good idea.

Creating Tokens

To create authentication tokens for an user, use the following steps:

From the |RCM| interface go to :menuselection:`Username --> My Account --> Auth tokens`.
Label and Add the tokens you wish to use with |RCE|.

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages