_nifectl auth_

Authentication is the foundation of secure interaction with the Nife platform. The auth command group provides comprehensive tools for managing user authentication, access tokens, and identity verification. Whether you're logging in for the first time, managing API tokens, or verifying your identity, these commands ensure secure and seamless access to the Nife platform.

Overview#

Authenticate with Nife (and logout if you need to). The authentication system supports:

  • User Login/Logout: Secure credential-based authentication
  • Account Creation: New user signup and onboarding
  • Token Management: Generate and manage API access tokens
  • Identity Verification: Check current authentication status

If you do not have an account, start with the AUTH SIGNUP command. If you already have an account, begin with the AUTH LOGIN subcommand.

nifectl auth#

Main command for authentication management operations.

Usage#

nifectl auth [command] [flags]

Available Commands#

  • login - Log in a user
  • logout - Logs out the currently logged in user
  • signup - Create a new nife account
  • token - Show the current auth token
  • whoami - Show the currently authenticated user

Options#

-h, --help help for auth

Global Options#

-t, --access-token string Nife API Access Token
-j, --json json output

nifectl auth login#

Authenticate with the Nife platform using your credentials.

About#

User can login to the nifectl platform via command prompt or terminal. This command establishes an authenticated session that allows you to interact with all Nife services. The login process:

  1. Accepts your email and password credentials
  2. Validates your identity against the Nife platform
  3. Generates an authentication token
  4. Stores the token securely for subsequent commands

If you do not have an account, start with the AUTH SIGNUP command first. If you already have an account, begin with the AUTH LOGIN subcommand.

Usage#

nifectl auth login [flags]

Options#

--email string Login email
-h, --help help for login
-i, --interactive Log in with an email and password interactively
--password string Login password

Global Options#

-t, --access-token string Nife API Access Token
-j, --json json output

Examples#

# Interactive login (prompts for credentials)
nifectl auth login -i
# Login with email only (will prompt for password)
nifectl auth login --email [email protected]
# Login with both credentials (not recommended for security)
nifectl auth login --email [email protected] --password mypassword
# Login with JSON output for scripting
nifectl auth login --email [email protected] -i --json

Login Methods#

Interactive Login (Recommended)#

The safest method as it prompts for credentials without exposing them in command history:

nifectl auth login -i

Command-line Arguments#

Useful for automation but less secure:

nifectl auth login --email [email protected] --password secret

Use Cases:

  • CI/CD pipelines
  • Automated scripts
  • Docker containers
  • Testing environments

โš ๏ธ Security Warning: Avoid using passwords in command line for production environments. Use environment variables or secure secret management instead.

Secure Authentication Best Practices#

  1. Use Interactive Mode for manual logins

    nifectl auth login -i

  2. Environment Variables for automation

    export NIFE_EMAIL="[email protected]"
    export NIFE_PASSWORD="secure-password"
    nifectl auth login --email $NIFE_EMAIL --password $NIFE_PASSWORD

  3. Access Tokens for CI/CD

    nifectl auth token --expiry-time 24h
    # Use token in automated workflows
    nifectl --access-token <token> apps list

  4. Token-based Authentication for long-running processes

    # Generate token
    TOKEN=$(nifectl auth token --expiry-time 2160h --json | jq -r '.token')
    # Use token
    nifectl --access-token $TOKEN deploy

Session Management#

After successful login:

  • Token is stored locally in ~/.nife/config.yml
  • Subsequent commands use this token automatically
  • Session persists until logout or token expiration
  • No need to login again for each command

Troubleshooting Login Issues#

Problem: "Invalid credentials"

  • Solution: Verify email and password are correct
  • Solution: Check if account is active
  • Solution: Reset password if forgotten

Problem: "Network error"

  • Solution: Check internet connection
  • Solution: Verify firewall isn't blocking API access
  • Solution: Check platform status at status.nife.io

Problem: "Account locked"

  • Solution: Contact support to unlock account
  • Solution: Wait for automatic unlock (if temporary)
  • Solution: Verify account hasn't been suspended

Problem: "Two-factor authentication required"

  • Solution: Complete 2FA setup in web dashboard
  • Solution: Use backup codes if available
  • Solution: Contact support for 2FA reset

nifectl auth logout#

End your authenticated session and clear stored credentials.

About#

Log the currently logged-in user out of the nifectl platform. This command:

  1. Invalidates the current authentication token
  2. Removes stored credentials from local configuration
  3. Ends the authenticated session
  4. Requires fresh login for future commands

To continue interacting with nifectl after logout, you will need to log in again using nifectl auth login.

Usage#

nifectl auth logout [flags]

Options#

-h, --help help for logout

Global Options#

-t, --access-token string Nife API Access Token
-j, --json json output

Examples#

# Logout current user
nifectl auth logout
# Logout with JSON output
nifectl auth logout --json
# Verify logout
nifectl auth whoami
# Should show: "Not authenticated" or error

What Happens During Logout#

  1. Token Invalidation: Current auth token is revoked
  2. Local Cleanup: Config files are cleared of credentials
  3. Session End: API access is terminated
  4. Confirmation: Success message displayed

After Logging Out#

  • โŒ All nifectl commands requiring auth will fail
  • โŒ Cannot access organization resources
  • โŒ Cannot deploy or manage applications
  • โœ… Can still use public commands (version, docs)
  • โœ… Can create a new account or login again

nifectl auth signup#

Create a new Nife platform account.

About#

Create a new nife account. The command opens your default web browser and directs you to a registration form where you provide:

  • Email address
  • Password
  • Organization name (optional)
  • Account preferences

After completing the form, your account is created and you can immediately login using nifectl auth login.

Usage#

nifectl auth signup [flags]

Options#

-h, --help help for signup

Global Options#

-t, --access-token string Nife API Access Token
-j, --json json output

Examples#

# Open signup form in browser
nifectl auth signup
# Signup with JSON output (still opens browser)
nifectl auth signup --json

Signup Process#

  1. Command Execution: Run nifectl auth signup
  2. Browser Opens: Default browser launches with signup form
  3. Form Completion: Enter required information
  4. Email Verification: Verify email address (if required)
  5. Account Creation: Account is created and activated
  6. First Login: Use nifectl auth login to authenticate

Account Requirements#

Email Address:

  • โœ… Valid email format
  • โœ… Unique (not already registered)
  • โœ… Accessible for verification
  • โœ… Professional or personal domain accepted

Password:

  • โœ… Minimum 8 characters
  • โœ… Mix of uppercase and lowercase
  • โœ… At least one number
  • โœ… Special characters recommended
  • โœ… Not a commonly used password

Organization Name:

  • Optional during signup
  • Can be created later
  • Used for team collaboration
  • Determines billing structure

After Creating Account#

# 1. Login with new account
nifectl auth login -i
# 2. Verify authentication
nifectl auth whoami
# 3. Create your first app
nifectl apps create my-first-app
# 4. Start deploying
nifectl init
nifectl deploy

nifectl auth token#

Display and manage authentication tokens.

About#

Shows the authentication token that is currently in use. This token can be used as an authentication token with API services, independent of nifectl. Tokens are useful for:

  • API Integration: Direct API access without CLI
  • CI/CD Pipelines: Automated deployments
  • Third-party Tools: Integration with other services
  • Programmatic Access: Script-based automation

Tokens can be generated with custom expiry times, allowing you to create short-lived tokens for security or long-lived tokens for continuous integration.

Usage#

nifectl auth token [flags]

Options#

--expiry-time string Allow users to generate tokens by providing input
(Note: Specify --expiry-time within 2160 hours.)
-h, --help help for token

Global Options#

-t, --access-token string Nife API Access Token
-j, --json json output

Examples#

# Show current token
nifectl auth token
# Generate token with 24-hour expiry
nifectl auth token --expiry-time 24h
# Generate token for 7 days (168 hours)
nifectl auth token --expiry-time 168h
# Generate token with maximum expiry (90 days)
nifectl auth token --expiry-time 2160h
# Get token in JSON format for scripting
nifectl auth token --json
# Store token in variable
TOKEN=$(nifectl auth token --expiry-time 24h --json | jq -r '.token')

Token Expiry Time Options#

You can specify expiry time in hours (h) or days (d):

# Hours
nifectl auth token --expiry-time 1h # 1 hour
nifectl auth token --expiry-time 24h # 1 day
nifectl auth token --expiry-time 168h # 7 days
nifectl auth token --expiry-time 720h # 30 days
nifectl auth token --expiry-time 2160h # 90 days (maximum)
## nifectl auth whoami
Display the currently authenticated user's identity.
### About
Displays the user's email address/service identity currently authenticated and in use. This command helps you:
- Verify which account is currently active
- Confirm successful authentication
- Check account details before operations
- Debug authentication issues
### Usage
```bash
nifectl auth whoami [flags]

Options#

-h, --help help for whoami

Global Options#

-t, --access-token string Nife API Access Token
-j, --json json output

Examples#

# Show current user
nifectl auth whoami
# Output: [email protected]
# Show in JSON format
nifectl auth whoami --json