Logging in to a management server with an OIDC registry

Logging in with an OIDC registry involves several steps, in which you obtain a temporary token and pass it to the toolkit to ensure it can communicate securely with the management server.

Attention: If you want to log in using a non-OIDC registry, see the login steps in Migration steps without PDUR or Migration steps with PDUR.

To log in, complete the following steps:

  1. Enter the following command on the command line:
    apicm login --server mgmt_endpoint_url --sso
    where mgmt_endpoint_url is the endpoint URL. When you log in with a Cloud admin or Provider organization, specify one of the following URLs:
    • platform API endpoint URL
    • management API manager URL

    These endpoint URLs are configured during the installation of API Connect, as described in Installing the Management subsystem into a Kubernetes environment and Deploying the Management subsystem in a VMware environment. If you have access to the Cloud Manager user interface, you can view the configured endpoint URLs as described in Viewing platform and UI endpoints, ignoring any segments at the end of the displayed URLs. If you are not sure of the endpoint URL, ask your administrator.

  2. When the toolkit prompts for the context, type provider:
    Context? provider
  3. The server responds with the following message: 
    Please copy and paste the url https://mgmt_endpoint_url/auth/manager/sign-in/?from=TOOLKIT to a browser to start the authentication process.
Do you want to open the url in default browser? [y/n]: y

    Take one of the following actions:

    • If you want to use your default browser to log in to API Manager, type y and press Enter.

      The API Manager sign-in page opens in a new browser tab.

    • If you don't use to use your default browser, type n and press Enter.
      1. Copy the URL from the command window.
      2. Open a browser, paste the URL, and press Enter.

      The API Manager sign-in page displays.

  4. On the API Manager sign-in page, select the OIDC registry and then log in to API Connect.

    After you log in, API Connect displays the You are authenticated! message and provides a temporary token. Copy the token.

  5. Return to the command window. Paste the token at the API Key? prompt and press Enter.

When the token is validated and you are successfully logged in to the toolkit, the following message displays:

Logged into mgmt_endpoint_url successfully