User login

The login command allows you to log in to a server running in server mode. All users you create within the system have full access to all resources, secrets, and services that the server provides.

First Time Login

When you run the server for the first time, the system creates a temporary admin account with a temporary password of admin.

Run the following command from the gateway client and enter admin as the password:

iagctl login admin

The system then prompts you to enter a new password. Follow all remaining proimpts to confirm your password and complete your first login.

Admin login process

To create the admin login:

1. Start the gateway server
2. The system creates the temporary admin user and password
3. Log in with the temporary admin user and password
4. Change password
5. Authenticate to gateway server
6. The server generates an API key that is passed in gRPC calls

User login with temporary password

To create a user with a temporary password flag:

1. The user logs in with the temporary password
2. The system prompts the user to change the password (required)
3. The user changes the password
4. The user authenticates to the gateway server
5. The server generates an API key that is passed in gRPC calls

Standard login process

Once a user changes their temporary password, their login process resembles the following:

1. The user logs in with their password
2. The user authenticates to the gateway server
3. The server generates an API key that is passed in gRPC calls

Resetting the admin password

Resetting the admin password requires access to the server instance to perform the reset action.

To reset the password, run:

iagctl server --recover-admin-user

This command prompts you to enter a new password for the admin user if it's already set.

Learn more

• For more information on login commands, see iagctl login.
• For more information on managing users, see Managing users.