Bug 1370506

Summary: [DOCS] Authentication with Dedicated only works with a token
Product: OpenShift Online Reporter: Eric Rich <erich>
Component: DocumentationAssignee: Vikram Goyal <vigoyal>
Status: CLOSED NOTABUG QA Contact: Vikram Goyal <vigoyal>
Severity: low Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 3.xCC: aos-bugs, jliggitt, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-09-04 22:28:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Eric Rich 2016-08-26 13:58:45 UTC 
Document URL: https://docs.openshift.com/dedicated/3.2/dev_guide/authentication.html

Section Number and Name: CLI Authentication
Describe the issue: Authentication with Dedicated (cli) requires the use of a "token" 

Suggestions for improvement: Only document how to authenticate with a token, and document how `oc login` shows users where to get this token. 

Additional information: 

> $ ./oc login https://api.COOLCORP.openshift.com
> Login failed (401 Unauthorized)
> You must obtain an API token by visiting https://api.COOLCORP.openshift.com/oauth/token/request
Comment 1 Eric Rich 2016-08-26 14:16:03 UTC 
(In reply to Eric Rich from comment #0)
> Document URL:
> https://docs.openshift.com/dedicated/3.2/dev_guide/authentication.html
> 
> Section Number and Name: CLI Authentication
> Describe the issue: Authentication with Dedicated (cli) requires the use of
> a "token" 
> 
> Suggestions for improvement: Only document how to authenticate with a token,
> and document how `oc login` shows users where to get this token. 
> 
> Additional information: 
> 
> > $ ./oc login https://api.COOLCORP.openshift.com
> > Login failed (401 Unauthorized)
> > You must obtain an API token by visiting https://api.COOLCORP.openshift.com/oauth/token/request

This should only be applied to OpenID or OAuth providers, or providers that do not support challange/login options from: https://docs.openshift.com/enterprise/3.2/install_config/configuring_authentication.html#identity-providers
Comment 2 Jordan Liggitt 2016-08-29 03:13:26 UTC 
Some dedicated installations support username/password logins. `oc login` should continue to be the main starting point for the CLI login procedure.

There is nothing more specific we can document that would apply to all installations, since the web flow required to obtain a token is located at a different URL for all dedicated installations.

I would recommend we leave the docs as-is