The login command allows you to log in to a server running in server mode. All users you create within the system have full access to all resources, secrets, and services that the server provides.
When you run the server for the first time, the system creates a temporary admin account with a temporary password of admin.
Run the following command from the gateway client and enter admin as the password:
The system then prompts you to enter a new password. Follow all remaining proimpts to confirm your password and complete your first login.
To create the admin login:
To create a user with a temporary password flag:
Once a user changes their temporary password, their login process resembles the following:
Resetting the admin password requires access to the server instance to perform the reset action.
To reset the password, run:
This command prompts you to enter a new password for the admin user if it’s already set.
The create user command creates a new user.
When creating a user account for another user, use the --temp-password flag. This requires the user to change their password the first time they log in to the server.
All users within the system are power users, so ensure that any users you create are trusted.
The get users command displays a list of all users stored within the database.
The describe user command displays all information about a specific user in the database. It shows when the user was created as well when they last logged in. A login event occurs when the user successfully runs the login command from an iagctl client against the gateway server.
The delete user command deletes a user from the database. You cannot undo deletion operations. When you delete a user, the system removes all API keys associated with that user and denies further access.