Log In
You log in to the Bravura Safe CLI using the login command. Review the following options to determine which method to use:
Note
SSO is currently not supported.
Using an API Key will require you to follow the login command with an explicit bsafe unlock if you will be working with safe data directly. There are, however, a few commands that do not require your safe to be decrypted, including config, encode, generate, and status.
Your master password is the source of the key needed to decrypt safe data. Logging in using email and password uses your master password which can then string together the login and unlock commands to authenticate your identity and decrypt your safe in tandem.
Logging in with email and password is recommended for interactive sessions. To log in with email and password:
bsafe login
This initiates a prompt for your email address, master password and (if enabled) a Two-step Login code. The CLI currently supports Two-step Login via authenticator and email.
If you are prompted for additional authentication or get the error, Your authentication request appears to be coming from a bot, use your API Key client_secret to answer the authentication challenge.
Logging in with the Personal API Key is recommended for automated workflows or providing access to an external application. To log in with the API Key:
bsafe login --apikey
This initiates a prompt for your client_id and client_secret. Once your session is authenticated using these values, you can use the unlock command.
Note
If your Team requires SSO, you can still use --apikey to log in to the CLI.
You can save environment variables to prevent the need for manual intervention at authentication for cases where automated work is being done with the Bravura Security Fabric CLI.
Environment Variable Name | Required Value |
|---|---|
BW_CLIENTID | client_id |
BW_CLIENTSECRET | client_secret |