2017-05-19 16:05:34 +00:00
|
|
|
---
|
2017-10-20 20:26:18 +00:00
|
|
|
layout: "vagrant-cloud"
|
2017-05-19 16:05:34 +00:00
|
|
|
page_title: "Authentication"
|
|
|
|
sidebar_current: "vagrant-cloud-users-authentication"
|
|
|
|
---
|
|
|
|
|
|
|
|
# Authentication
|
|
|
|
|
2017-07-31 23:33:18 +00:00
|
|
|
Vagrant Cloud requires a username and password to sign up and login.
|
2017-05-19 16:05:34 +00:00
|
|
|
However, there are several ways to authenticate with your account.
|
|
|
|
|
|
|
|
### Authentication Tokens
|
|
|
|
|
|
|
|
Authentication tokens are keys used to access your account via tools or over the
|
2017-07-31 23:33:18 +00:00
|
|
|
various APIs used in Vagrant Cloud.
|
2017-05-19 16:05:34 +00:00
|
|
|
|
|
|
|
You can create new tokens in the token section of your account settings. It's
|
|
|
|
important to keep tokens secure, as they are essentially a password and can be
|
|
|
|
used to access your account or resources. Additionally, token authentication
|
|
|
|
bypasses two factor authentication.
|
|
|
|
|
|
|
|
### Authenticating Tools
|
|
|
|
|
|
|
|
All HashiCorp tools look for the `ATLAS_TOKEN` environment variable:
|
|
|
|
|
|
|
|
```shell
|
|
|
|
$ export ATLAS_TOKEN=TOKEN
|
|
|
|
```
|
|
|
|
|
|
|
|
This will automatically authenticate all requests against this token. This is
|
|
|
|
the recommended way to authenticate with our various tools. Care should be given
|
|
|
|
to how this token is stored, as it is as good as a password.
|
|
|
|
|
|
|
|
### Two Factor Authentication
|
|
|
|
|
|
|
|
You can optionally enable Two Factor authentication, requiring an SMS or TOTP
|
|
|
|
one-time code every time you log in, after entering your username and password.
|
|
|
|
|
|
|
|
You can enable Two Factor authentication in the security section of your account
|
|
|
|
settings.
|
|
|
|
|
|
|
|
Be sure to save the generated recovery codes. Each backup code can be used once
|
|
|
|
to sign in if you do not have access to your two-factor authentication device.
|
|
|
|
|
|
|
|
### Sudo Mode
|
|
|
|
|
|
|
|
When accessing certain admin-level pages (adjusting your user profile, for
|
|
|
|
example), you may notice that you're prompted for your password, even though
|
|
|
|
you're already logged in. This is by design, and aims to help guard protect you
|
|
|
|
if your screen is unlocked and unattended.
|
|
|
|
|
|
|
|
### Session Management
|
|
|
|
|
|
|
|
You can see a list of your active sessions on your security settings page. From
|
|
|
|
here, you can revoke sessions, in case you have lost access to a machine from
|
|
|
|
which you were accessing.
|