The Pipeline platform uses Dex for its main authentication and authorization entry point. Dex is an open-source, federated OpenID Connect identity provider.

The Pipeline Service consumes the ID token issued for the user by Dex. If the user authenticates first time with Pipeline through Dex a user account is getting registered, in the browser visit the login page:

https://{PIPELINE_HOST}/auth/dex/login

Personal access tokens

Browser sessions are for interactive (web-flow) use cases. Personal access tokens can be used to access the Pipeline API in a programatic way. They are named, can have an expiry date, if not defined they never expire. Tokens can be also deleted of course. A user can have any number of tokens.

Personal access tokens on the UI are available under the settings page:

https://{PIPELINE_HOST}/ui/{USERNAME}/settings

UI Tokens

NOTE: The browser session cookies are expiring API tokens as well, thus you will see your browser sessions listed also on this page.

Generate Token

When creating a new personal access token a name has to be set, this useful for identifying the it later on (this is a mandatory field). Also an optional expiration date can be defined, which is the date until the token is valid and can be used, if it expires the token gets deleted and can't be used to access the Pipeline API.

NOTE: In the background a new token is created via POST-ing an HTTP request to the http://{PIPELINE_HOST}/pipeline/api/v1/tokens endpoint.

The newly generated token value is visible only until you navigate away from the tokens page for security reasons.