@heroku-cli/plugin-oauth-v5
v8.11.2
Published
Heroku CLI plugin to manage OAuth clients.
Downloads
10,857
Maintainers
sbosio_sf
hillzbot2000
kdreyeroren
beanieboi
beckychen
xx-sfdc-npm
kpremkumar
abhinavkoul
daniel.bright
justinwilaby-sf
cv88
jlopezdan
jmonreal
jondaniel-sfdc
dhagberg-sf
jmorrell-sfdc
elzoona
cmarcojos
gkommineni
vlazuka
nlanatta
lucaszhou
mars
mimen
wchrisjohnson
cbaxtersf
heroku-front-end
bsperlingsf
zli-sf
7ftz
joanneyeung
montes_heroku
jwadsworthsf
jheikes
lmckenzie
sarassassin
pfuente
reidmix
mbuschheroku
k.plenty
eblack
sheax0r
k80bowman
rdagg-hero
grundy.g
robinson.m
tcareysmith-sfdc
ptemporini
paulaprado18
harish.457
ntonollierKeywords
Readme
Heroku OAuth 
Command line plugin for managing OAuth clients, authorizations and tokens.
No need to install, this plugin comes built into the Heroku CLI.
Clients
To create a client:
$ heroku clients:create "Amazing" https://amazing-client.herokuapp.com/auth/heroku/callback
Creating Amazing... done
HEROKU_OAUTH_ID=3e304bda-d376-4278-bdea-6d6c08aa1359
HEROKU_OAUTH_SECRET=e6a5f58f-f8a9-49f1-a1a6-d1dd98930ef6See OAuth clients under your account with:
$ heroku clients
Amazing 3e304bda-d376-4278-bdea-6d6c08aa1359 https://amazing-client.herokuapp.com/auth/heroku/callbackGet details about a client:
$ heroku clients:info 36120128-fee7-455e-8b7f-807aee130946
=== Amazing
created_at: 2016-01-21T02:11:57Z
id: 36120128-fee7-455e-8b7f-807aee130946
name: Amazing
redirect_uri: https://amazing-client.herokuapp.com/auth/heroku/callback
secret: a14cf558-60b8-44f2-a804-3b249b48aa57
updated_at: 2016-01-21T02:11:57ZUpdate clients:
$ heroku clients:update 3e304bda-d376-4278-bdea-6d6c08aa1359 --url https://amazing-client.herokuapp.com/auth/heroku/callback
Updated Amazing... doneAuthorizations
List them:
$ heroku authorizations
Amazing 9e3a4063-b833-432e-ad75-4b0d7195be13 global
Heroku CLI 676cb46c-7597-4be1-8a6a-f87b9f2f1065 globalCreating
You can create a special user-created authorization against your account that will come with an access token which doesn't expire:
$ heroku authorizations:create --description "For use with Anvil"
Created OAuth authorization.
ID: 105a7bfa-34c3-476e-873a-b1ac3fdc12fb
Description: For use with Anvil
Token: 4cee516c-f8c6-4f14-9edf-fc6ef09cedc5
Scope: globalYou can also pass in short output format to only output the token.
$ heroku authorizations:create --output-format short
nec6a9b6-b21a-4ba1-il95-70zd47e14c4dAnother option allows for tokens that expire. This token expires in 10 seconds.
$ heroku authorizations:create --expires-in 10
Created OAuth authorization.
Client: <none>
ID: 2231biha6-5b1e-4268-ba04-2ee7b74m2gf6
Description: Long-lived user authorization
Scope: global
Token: 9aa5d667-fg37-4028-8dc9-b2191b5z5966A combination of short format and expires-in can be handy to pass into a job that needs access to heroku:
$ heroku run "HEROKU_EMAIL=`heroku auth:whoami` HEROKU_API_KEY=`heroku authorizations:create --expires-in 120 --output-format short` ./my_job.sh" -a myappOptionally, you can specify a list of scopes for the authorization:
$ heroku authorizations:create --description "For use with Anvil" --scope identity,read-protected
Created OAuth authorization.
ID: 105a7bfa-34c3-476e-873a-b1ac3fdc12fb
Description: For use with Anvil
Token: 4cee516c-f8c6-4f14-9edf-fc6ef09cedc5
Scope: identity, read-protectedThe procured token can now be used like an API key:
$ curl -u ":4cee516c-f8c6-4f14-9edf-fc6ef09cedc5" https://api.heroku.com/appsRevoking
Any authorization on your account can be revoked at any time:
$ heroku authorizations:revoke 105a7bfa-34c3-476e-873a-b1ac3fdc12fb
Revoked authorization from "Another App".heroku authorizationsheroku authorizations:createheroku authorizations:destroy IDheroku authorizations:info IDheroku authorizations:revoke IDheroku authorizations:rotate IDheroku authorizations:update IDheroku clientsheroku clients:create NAME REDIRECT_URIheroku clients:destroy IDheroku clients:info IDheroku clients:rotate IDheroku clients:update IDheroku sessionsheroku sessions:destroy ID
heroku authorizations
list OAuth authorizations
USAGE
$ heroku authorizations [-j]
FLAGS
-j, --json output in json format
DESCRIPTION
list OAuth authorizationsSee code: lib/commands/authorizations/index.js
heroku authorizations:create
create a new OAuth authorization
USAGE
$ heroku authorizations:create [-d <value>] [-s <value>] [-e <value>] [-S] [-j]
FLAGS
-S, --short only output token
-d, --description=<value> set a custom authorization description
-e, --expires-in=<value> set expiration in seconds (default no expiration)
-j, --json output in json format
-s, --scope=<value> set custom OAuth scopes
DESCRIPTION
create a new OAuth authorization
This creates an authorization with access to your Heroku account.See code: lib/commands/authorizations/create.js
heroku authorizations:destroy ID
revoke OAuth authorization
USAGE
$ heroku authorizations:destroy ID
DESCRIPTION
revoke OAuth authorization
ALIASES
$ heroku authorizations:destroy
$ heroku authorizations:revokeheroku authorizations:info ID
show an existing OAuth authorization
USAGE
$ heroku authorizations:info ID [-j]
FLAGS
-j, --json output in json format
DESCRIPTION
show an existing OAuth authorizationSee code: lib/commands/authorizations/info.js
heroku authorizations:revoke ID
revoke OAuth authorization
USAGE
$ heroku authorizations:revoke ID
DESCRIPTION
revoke OAuth authorization
ALIASES
$ heroku authorizations:destroy
$ heroku authorizations:revokeSee code: lib/commands/authorizations/revoke.js
heroku authorizations:rotate ID
updates an OAuth authorization token
USAGE
$ heroku authorizations:rotate ID
DESCRIPTION
updates an OAuth authorization tokenSee code: lib/commands/authorizations/rotate.js
heroku authorizations:update ID
updates an OAuth authorization
USAGE
$ heroku authorizations:update ID [-d <value>] [--client-id <value>] [--client-secret <value>]
FLAGS
-d, --description=<value> set a custom authorization description
--client-id=<value> identifier of OAuth client to set
--client-secret=<value> secret of OAuth client to set
DESCRIPTION
updates an OAuth authorizationSee code: lib/commands/authorizations/update.js
heroku clients
list your OAuth clients
USAGE
$ heroku clients [-j]
FLAGS
-j, --json output in json format
DESCRIPTION
list your OAuth clientsSee code: lib/commands/clients/index.js
heroku clients:create NAME REDIRECT_URI
create a new OAuth client
USAGE
$ heroku clients:create NAME REDIRECT_URI [-s] [-j]
FLAGS
-j, --json output in json format
-s, --shell output in shell format
DESCRIPTION
create a new OAuth clientSee code: lib/commands/clients/create.js
heroku clients:destroy ID
delete client by ID
USAGE
$ heroku clients:destroy ID
DESCRIPTION
delete client by IDSee code: lib/commands/clients/destroy.js
heroku clients:info ID
show details of an oauth client
USAGE
$ heroku clients:info ID [-j] [-s]
FLAGS
-j, --json output in json format
-s, --shell output in shell format
DESCRIPTION
show details of an oauth clientSee code: lib/commands/clients/info.js
heroku clients:rotate ID
rotate OAuth client secret
USAGE
$ heroku clients:rotate ID [-j] [-s]
FLAGS
-j, --json output in json format
-s, --shell output in shell format
DESCRIPTION
rotate OAuth client secretSee code: lib/commands/clients/rotate.js
heroku clients:update ID
update OAuth client
USAGE
$ heroku clients:update ID [-n <value>] [--url <value>]
FLAGS
-n, --name=<value> change the client name
--url=<value> change the client redirect URL
DESCRIPTION
update OAuth clientSee code: lib/commands/clients/update.js
heroku sessions
list your OAuth sessions
USAGE
$ heroku sessions [-j]
FLAGS
-j, --json output in json format
DESCRIPTION
list your OAuth sessionsSee code: lib/commands/sessions/index.js
heroku sessions:destroy ID
delete (logout) OAuth session by ID
USAGE
$ heroku sessions:destroy ID
DESCRIPTION
delete (logout) OAuth session by IDSee code: lib/commands/sessions/destroy.js