_nifectl auth_
Authentication is the foundation of secure interaction with the Nife platform. The auth command group provides comprehensive tools for managing user authentication, access tokens, and identity verification. Whether you're logging in for the first time, managing API tokens, or verifying your identity, these commands ensure secure and seamless access to the Nife platform.
Overview
Authenticate with Nife (and logout if you need to). The authentication system supports:
- User Login/Logout: Secure credential-based authentication
- Account Creation: New user signup and onboarding
- Token Management: Generate and manage API access tokens
- Identity Verification: Check current authentication status
If you do not have an account, start with the AUTH SIGNUP command. If you already have an account, begin with the AUTH LOGIN subcommand.
nifectl auth
Main command for authentication management operations.
Usage
nifectl auth [command] [flags]
Available Commands
- login - Log in a user
- logout - Logs out the currently logged in user
- signup - Create a new nife account
- token - Show the current auth token
- whoami - Show the currently authenticated user
Options
-h, --help help for auth
Global Options
-t, --access-token string Nife API Access Token
-j, --json json output
nifectl auth login
Authenticate with the Nife platform using your credentials.
About
User can login to the nifectl platform via command prompt or terminal. This command establishes an authenticated session that allows you to interact with all Nife services. The login process:
- Accepts your email and password credentials
- Validates your identity against the Nife platform
- Generates an authentication token
- Stores the token securely for subsequent commands
If you do not have an account, start with the AUTH SIGNUP command first. If you already have an account, begin with the AUTH LOGIN subcommand.
Usage
nifectl auth login [flags]
Options
--email string Login email
-h, --help help for login
-i, --interactive Log in with an email and password interactively
--password string Login password
Global Options
-t, --access-token string Nife API Access Token
-j, --json json output
Examples
# Interactive login (prompts for credentials)
nifectl auth login -i
# Login with email only (will prompt for password)
nifectl auth login --email [email protected]
# Login with both credentials (not recommended for security)
nifectl auth login --email [email protected] --password mypassword
# Login with JSON output for scripting
nifectl auth login --email [email protected] -i --json
Login Methods
Interactive Login (Recommended)
The safest method as it prompts for credentials without exposing them in command history:
nifectl auth login -i
Command-line Arguments
Useful for automation but less secure:
nifectl auth login --email [email protected] --password secret
Use Cases:
- CI/CD pipelines
- Automated scripts
- Docker containers
- Testing environments
⚠️ Security Warning: Avoid using passwords in command line for production environments. Use environment variables or secure secret management instead.
Secure Authentication Best Practices
-
Use Interactive Mode for manual logins
nifectl auth login -i -
Environment Variables for automation
export NIFE_EMAIL="[email protected]"
export NIFE_PASSWORD="secure-password"
nifectl auth login --email $NIFE_EMAIL --password $NIFE_PASSWORD -
Access Tokens for CI/CD
nifectl auth token --expiry-time 24h
# Use token in automated workflows
nifectl --access-token <token> apps list -
Token-based Authentication for long-running processes
# Generate token
TOKEN=$(nifectl auth token --expiry-time 2160h --json | jq -r '.token')
# Use token
nifectl --access-token $TOKEN deploy
Session Management
After successful login:
- Token is stored locally in
~/.nife/config.yml - Subsequent commands use this token automatically
- Session persists until logout or token expiration
- No need to login again for each command
Troubleshooting Login Issues
Problem: "Invalid credentials"
- Solution: Verify email and password are correct
- Solution: Check if account is active
- Solution: Reset password if forgotten
Problem: "Network error"
- Solution: Check internet connection
- Solution: Verify firewall isn't blocking API access
- Solution: Check platform status at status.nife.io
Problem: "Account locked"
- Solution: Contact support to unlock account
- Solution: Wait for automatic unlock (if temporary)
- Solution: Verify account hasn't been suspended
Problem: "Two-factor authentication required"
- Solution: Complete 2FA setup in web dashboard
- Solution: Use backup codes if available
- Solution: Contact support for 2FA reset
nifectl auth logout
End your authenticated session and clear stored credentials.
About
Log the currently logged-in user out of the nifectl platform. This command:
- Invalidates the current authentication token
- Removes stored credentials from local configuration
- Ends the authenticated session
- Requires fresh login for future commands
To continue interacting with nifectl after logout, you will need to log in again using nifectl auth login.
Usage
nifectl auth logout [flags]
Options
-h, --help help for logout
Global Options
-t, --access-token string Nife API Access Token
-j, --json json output
Examples
# Logout current user
nifectl auth logout
# Logout with JSON output
nifectl auth logout --json
# Verify logout
nifectl auth whoami
# Should show: "Not authenticated" or error
What Happens During Logout
- Token Invalidation: Current auth token is revoked
- Local Cleanup: Config files are cleared of credentials
- Session End: API access is terminated
- Confirmation: Success message displayed
After Logging Out
- ❌ All nifectl commands requiring auth will fail
- ❌ Cannot access organization resources
- ❌ Cannot deploy or manage applications
- ✅ Can still use public commands (version, docs)
- ✅ Can create a new account or login again
nifectl auth signup
Create a new Nife platform account.
About
Create a new nife account. The command opens your default web browser and directs you to a registration form where you provide:
- Email address
- Password
- Organization name (optional)
- Account preferences
After completing the form, your account is created and you can immediately login using nifectl auth login.
Usage
nifectl auth signup [flags]
Options
-h, --help help for signup
Global Options
-t, --access-token string Nife API Access Token
-j, --json json output
Examples
# Open signup form in browser
nifectl auth signup
# Signup with JSON output (still opens browser)
nifectl auth signup --json
Signup Process
- Command Execution: Run
nifectl auth signup - Browser Opens: Default browser launches with signup form
- Form Completion: Enter required information
- Email Verification: Verify email address (if required)
- Account Creation: Account is created and activated
- First Login: Use
nifectl auth loginto authenticate
Account Requirements
Email Address:
- ✅ Valid email format
- ✅ Unique (not already registered)
- ✅ Accessible for verification
- ✅ Professional or personal domain accepted
Password:
- ✅ Minimum 8 characters
- ✅ Mix of uppercase and lowercase
- ✅ At least one number
- ✅ Special characters recommended
- ✅ Not a commonly used password
Organization Name:
- Optional during signup
- Can be created later
- Used for team collaboration
- Determines billing structure
After Creating Account
# 1. Login with new account
nifectl auth login -i
# 2. Verify authentication
nifectl auth whoami
# 3. Create your first app
nifectl apps create my-first-app
# 4. Start deploying
nifectl init
nifectl deploy
nifectl auth token
Display and manage authentication tokens.
About
Shows the authentication token that is currently in use. This token can be used as an authentication token with API services, independent of nifectl. Tokens are useful for:
- API Integration: Direct API access without CLI
- CI/CD Pipelines: Automated deployments
- Third-party Tools: Integration with other services
- Programmatic Access: Script-based automation
Tokens can be generated with custom expiry times, allowing you to create short-lived tokens for security or long-lived tokens for continuous integration.
Usage
nifectl auth token [flags]
Options
--expiry-time string Allow users to generate tokens by providing input
(Note: Specify --expiry-time within 2160 hours.)
-h, --help help for token
Global Options
-t, --access-token string Nife API Access Token
-j, --json json output
Examples
# Show current token
nifectl auth token
# Generate token with 24-hour expiry
nifectl auth token --expiry-time 24h
# Generate token for 7 days (168 hours)
nifectl auth token --expiry-time 168h
# Generate token with maximum expiry (90 days)
nifectl auth token --expiry-time 2160h
# Get token in JSON format for scripting
nifectl auth token --json
# Store token in variable
TOKEN=$(nifectl auth token --expiry-time 24h --json | jq -r '.token')
Token Expiry Time Options
You can specify expiry time in hours (h) or days (d):
# Hours
nifectl auth token --expiry-time 1h # 1 hour
nifectl auth token --expiry-time 24h # 1 day
nifectl auth token --expiry-time 168h # 7 days
nifectl auth token --expiry-time 720h # 30 days
nifectl auth token --expiry-time 2160h # 90 days (maximum)
## nifectl auth whoami
Display the currently authenticated user's identity.
### About
Displays the user's email address/service identity currently authenticated and in use. This command helps you:
- Verify which account is currently active
- Confirm successful authentication
- Check account details before operations
- Debug authentication issues
### Usage
```bash
nifectl auth whoami [flags]
Options
-h, --help help for whoami
Global Options
-t, --access-token string Nife API Access Token
-j, --json json output
Examples
# Show current user
nifectl auth whoami
# Output: [email protected]
# Show in JSON format
nifectl auth whoami --json