You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/user-guides/account-management.md
+4-1Lines changed: 4 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -67,6 +67,9 @@ To create a PAT:
67
67
-**Task history** — Allow you to use the token to view your entire task history, not filtered by project.
68
68
4. Click **Create**. Copy the token immediately — it is shown **only once** and cannot be recovered afterwards.
69
69
70
+
After creating your PAT, the website will show you two options on how to store and use the PAT. For more advice on how to use a PAT in scripts and HPC jobs, see [Using DivBase Programmatically](./using-divbase-programmatically.md#use-personal-access-tokens-to-authenticate-programmatically).
71
+
70
72
You can have up to **5 active tokens** at a time. To revoke a token, click **Revoke** next to it on the Personal Access Tokens page.
71
73
72
-
For how to use a PAT in scripts and HPC jobs, see [Using DivBase Programmatically](./using-divbase-programmatically.md#use-personal-access-tokens-to-authenticate-programmatically).
74
+
!!! tip "Scope your token to what the job needs and when you need it for"
75
+
When creating the PAT, restrict it to the specific project(s) you need it for. Consider also setting an appropriate expiry date for the token. You can always revoke the token immediately if needed from the DivBase website.
Copy file name to clipboardExpand all lines: docs/user-guides/using-divbase-programmatically.md
+35-25Lines changed: 35 additions & 25 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,49 +4,59 @@ Below is a set of tips for users who want to use DivBase in scripts/pipelines/pr
4
4
5
5
If you have any tips or suggestions to add to this page or any desired features, please let us know!
6
6
7
-
## Use Personal Access Tokens to Authenticate programmatically
7
+
## Use Personal Access Tokens to authenticate programmatically
8
8
9
-
For scripts, pipelines, and HPC jobs the recommended approach is to use a **Personal Access Token (PAT)**. A PAT is a static bearer token that you create once via the website and pass to `divbase-cli` via an environment variable. When using a PAT, there is no login step and no password storage required.
9
+
For scripts, pipelines, and HPC jobs the recommended approach is to use a **Personal Access Token (PAT)**. A PAT is a static bearer token that you create once via the website. When using a PAT, there is no login step and no password storage required.
10
10
11
-
See [Account Management — Personal Access Tokens](./account-management.md#personal-access-tokens) for how to create/and remove PATs.
11
+
See [Account Management — Personal Access Tokens](./account-management.md#personal-access-tokens) for how to createand revoke PATs.
12
12
13
-
Once you have a token, set the `DIVBASE_API_PAT` environment variable to it. `divbase-cli` will automatically use it in every request.
13
+
You can store/use a PAT in two ways
14
14
15
-
!!! question "What if I have both an active login session and a Personal Access Token set?"
16
-
`divbase-cli` prioritises an active login session over a PAT. If you have both, the CLI will use the active session and ignore the PAT. To use the PAT, you would need to run `divbase-cli auth logout` first.
15
+
### Option 1 — Let `divbase-cli` handle storing the PAT (recommended)
16
+
17
+
After creating a PAT on the website, store it on your device by copy pasting the pre-filled commands shown on the website, it will look something like this:
You will be prompted to paste the token value. It is then stored securely in your OS keyring (or in a restricted file if no keyring is available) and used automatically on every subsequent `divbase-cli` command.
27
+
28
+
```bash
29
+
divbase-cli auth pat-info # show name and expiry of the stored PAT
30
+
divbase-cli auth rm-pat # remove the stored PAT from this device
21
31
```
22
32
23
-
When `DIVBASE_API_PAT` is set, `divbase-cli` does not need you to be logged in.
33
+
!!! info "This strategy works on HPC clusters"
34
+
On the login node with divbase-cli [installed as we recommend](./installation.md), store the PAT as described above. The token will be available to all your jobs running on the cluster, without needing to worry about setting any environment variables in your job scripts.
24
35
25
-
### Example: Slurm job script
36
+
### Option 2 — Environment variable
26
37
27
-
The cleanest way to use a PAT in a SLURM job is to store the token in a restricted file and load it at job start:
38
+
Set `DIVBASE_API_PAT`in your shell or job script:
28
39
29
40
```bash
30
-
echo"divbase_pat_your_token_here">~/.divbase_pat
31
-
chmod 600 ~/.divbase_pat # only readable/writeable by the owner
To use a PAT when you are also logged in, run `divbase-cli auth logout` first.
47
58
48
-
!!! tip "Scope your token to what the job needs and when you need it for"
49
-
When creating the PAT, restrict it to the specific project(s) you need it for. Consider also setting an appropriate expiry date for the token. You can always revoke the token immediately if needed from the DivBase website.
59
+
Your logged in account will have the same or more permissions that your PATs, this is why we follow this order.
0 commit comments