github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/website/content/docs/commands/acl/auth-method/create.mdx (about) 1 --- 2 layout: docs 3 page_title: 'Commands: acl auth-method create' 4 description: The auth-method create command is used to create new ACL Auth Methods. 5 --- 6 7 # Command: acl auth-method create 8 9 The `acl auth-method create` command is used to create new ACL Auth Methods. 10 11 ## Usage 12 13 ```plaintext 14 nomad acl auth-method create [options] 15 ``` 16 17 The `acl auth-method create` command requires the correct setting of the create options 18 via flags detailed below. 19 20 ## General Options 21 22 @include 'general_options_no_namespace.mdx' 23 24 ## Create Options 25 26 - `-name`: Sets the human readable name for the ACL auth method. The name must 27 be between 1-128 characters and is a required parameter. 28 29 - `-description`: A free form text description of the auth-method that must not exceed 30 256 characters. 31 32 - `-type`: Sets the type of the auth method. Currently the only supported type 33 is `OIDC`. 34 35 - `-max-token-ttl`: Sets the duration of time all tokens created by this auth 36 method should be valid for. 37 38 - `-token-locality`: Defines the kind of token that this auth method should 39 produce. This can be either `local` or `global`. 40 41 - `-default`: Specifies whether this auth method should be treated as a default 42 one in case no auth method is explicitly specified for a login command. 43 44 - `-config`: Auth method [configuration] in JSON format. May be prefixed with '@' 45 to indicate that the value is a file path to load the config from. '-' may also 46 be given to indicate that the config is available on stdin. 47 48 - `-json`: Output the ACL auth-method in a JSON format. 49 50 - `-t`: Format and display the ACL auth-method using a Go template. 51 52 ## Examples 53 54 Create a new ACL Role: 55 56 ```shell-session 57 $ nomad acl auth-method create -name "example-acl-auth-method" -type "OIDC" -max-token-ttl "1h" -token-locality "local" -config "@config.json" 58 Created ACL auth method: 59 Name = example-acl-auth-method 60 Type = OIDC 61 Locality = local 62 MaxTokenTTL = 1h0m0s 63 Default = false 64 OIDC Discovery URL = https://my-corp-app-name.auth0.com/ 65 OIDC Client ID = V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt 66 OIDC Client Secret = example-client-secret 67 Bound audiences = V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt 68 Allowed redirects URIs = http://localhost:4646/oidc/callback 69 Discovery CA pem = <none> 70 Signing algorithms = <none> 71 Claim mappings = {http://example.com/first_name: first_name}; {http://example.com/last_name: last_name} 72 List claim mappings = {http://nomad.com/groups: groups} 73 Create Index = 14 74 Modify Index = 14 75 ``` 76 77 Example config file: 78 79 ```json 80 { 81 "OIDCDiscoveryURL": "https://my-corp-app-name.auth0.com/", 82 "OIDCClientID": "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt", 83 "OIDCClientSecret": "example-client-secret", 84 "BoundAudiences": [ 85 "V1RPi2MYptMV1RPi2MYptMV1RPi2MYpt" 86 ], 87 "AllowedRedirectURIs": [ 88 "http://localhost:4646/oidc/callback" 89 ], 90 "ClaimMappings": { 91 "http://example.com/first_name": "first_name", 92 "http://example.com/last_name": "last_name" 93 }, 94 "ListClaimMappings": { 95 "http://nomad.com/groups": "groups" 96 } 97 } 98 ``` 99 100 [configuration]: /api-docs/acl/auth-methods#config