Skip to main content
Version: v2.2.1

Authentication

Feature Store CLI provides 3 forms of authentication:

Access token from external environment

If you are running Feature Store in an environment which already takes care of the client authentication and makes access tokens available, you This is the same for H2O Wave.

This ensures that during each call, Feature Store uses the provided access token from the external environment for authentication.

Refresh token from identity provider

Personal access tokens (PATs)

In order to create a personal access token, you first need to be logged-in via one of the previously mentioned methods.

Once logged-in, you can create a personal access token:

token_str = client.auth.pats.generate(name="background_jobs", description="some description", expiry_date="<dd/MM/yyyy>", timezone=None)

Explanation of the parameters:

  • expiry_date is optional. When provided, it should be in the format dd/MM/yyyy. Tokens without expiry date will get an expiry date according to maximal allowed token duration which is a parameter controlled by a Feature Store administrator. To find out its actual value, call client.auth.pats.maximum_allowed_token_duration.
  • timezone is optional. If provided, the provided timezone overrides the system timezone of CLI environment.

This call returns the textual representation of the token. It is not possible to obtain the textual representation of the token again, so save it in a secure location.

You can list existing token objects:

The query argument is optional and specifies which access tokens should be returned. By default, no filtering options are specified. To filter tokens by name or description please use query parameter.

client.auth.pats.list(query = None)

You can obtain a particular token object:

token = client.auth.pats.get(token_id)
note

Token id is different from token name.

You can revoke the token:

token.revoke()
note

The Feature Store admin can configure the max.pat.number.per.user option to limit the number of personal access tokens one user can have at a single time.

Feedback