Service Accounts on macOS and Linux
Last modified on August 26, 2022
Service accounts allow for programmatic access to strongDM resources. This is useful for continuous-integration pipelines, extract-transform-load jobs, or any automated function that would need resource access. Check the Admin UI Guide to see how to create service accounts. The rest of this guide covers how to authenticate with a service account.
Using the CLI
Pass the service account token to the CLI login command.
sdm login --admin-token='<service_account_token>'
Using the GUI (macOS only)
- Select the GUI from the top nav menu on your screen
- Press the
<esc>key 3 times
- The prompt will change from
service account token
- Paste the service account token and click
The strongDM client will check the local environment for the variable SDM_ADMIN_TOKEN. This variable can be added to the environment in a few ways.
export SDM_ADMIN_TOKEN=<token> sdm login
You can add the environment variable during a login event by specifying the previous command in your shell profile. This approach is similar among all of the shells.
echo 'export SDM_ADMIN_TOKEN=<token>' >> ~/.bash_profile
Environment variable can also be read when specified before a command.
SDM_ADMIN_TOKEN=<token> sdm login
Check that it is working
From this point you should see any assigned resources in your GUI or from the CLI.
For the GUI simply click on the strongDM icon at the top of your screen.
For the CLI type the command
$ sdm status DATASOURCE NAME STATUS PORT TYPE pgsql_1_31 not connected 5432 postgres SSH SERVER STATUS PORT TYPE server-245a not connected 61334 ssh