LinuxCommandLibrary

ibmcloud-login

Log in to IBM Cloud

TLDR

Log in by using an interactive prompt

$ ibmcloud login
copy

Log in to a specific API endpoint (default is cloud.ibm.com)
$ ibmcloud login -a [api_endpoint]
copy

Log in by providing username, password, and the targeted region as parameters
$ ibmcloud login -u [username] -p [password] -r [us-south]
copy

Log in with an API key, passing it as an argument
$ ibmcloud login --apikey [api_key_string]
copy

Log in with an API key, passing it as a file
$ ibmcloud login --apikey @[path/to/api_key_file]
copy

Log in with a federated ID (single sign-on)
$ ibmcloud login --sso
copy

SYNOPSIS

ibmcloud login [-a|--account ACCOUNT_GUID] [-g|--group GROUP_GUID] [-u|--username USERNAME] [-p|--password PASSWORD] [--apikey APIKEY] [--sso] [-r|--region REGION] [--url URL] [--scope SCOPE] [-l|--logout]

PARAMETERS

-a, --account ACCOUNT_GUID
    Target specific account GUID on login

--apikey APIKEY
    Authenticate with API key; supports @file for file input

-g, --group GROUP_GUID
    Target specific resource group GUID

-l, --logout
    Logout from current account

-p, --password PASSWORD
    Password for login; supports @file

-r, --region REGION
    Target region (e.g., us-south, eu-gb)

--sso
    Enable Single Sign-On login

--url URL
    Custom Cloud URL (default: https://cloud.ibm.com)

-u, --username USERNAME
    Email username for login

--scope SCOPE
    Session scope: account, resource-group, all-account, all

DESCRIPTION

The ibmcloud login command (often referenced as ibmcloud-login in scripts or aliases) is part of the IBM Cloud Command Line Interface (CLI), a powerful tool for managing IBM Cloud resources from the terminal. It authenticates users to IBM Cloud, enabling access to services like Kubernetes, Functions, and Cloud Foundry apps.

Login supports multiple methods: interactive username/password, API keys for automation, and Single Sign-On (SSO) for federated identities. Upon successful login, it sets the target account, region, resource group, and scope, storing tokens securely in ~/.bluemix. Users can switch targets with options like --account or --region.

This command is essential for DevOps workflows, CI/CD pipelines, and scripting. For security, avoid hardcoding credentials; use API keys or environment variables. Logout with ibmcloud logout. Note: deprecated Cloud Foundry login mode still works but targets IAM by default. Always verify CLI version with ibmcloud version for latest features. (187 words)

CAVEATS

Requires IBM Cloud CLI installed; never hardcode credentials in scripts. Tokens expire; re-login as needed. Some regions/options may vary by CLI version. Deprecated CF login redirects to IAM.

EXAMPLES

ibmcloud login
Interactive login prompt.

ibmcloud login --apikey @apikey.txt --region us-south
Non-interactive with file-based key.

ibmcloud login --sso
SSO flow with passcode.

INSTALLATION

Linux: curl -sL https://raw.githubusercontent.com/IBM-Cloud/ibm-cloud-cli-installer/master/install.sh | bash
Verify: ibmcloud --version

HISTORY

Originated in Bluemix CLI (bx login, 2013-2017); rebranded to IBM Cloud CLI (ibmcloud) in 2017. Enhanced with IAM support (2018), API keys (2019), SSO/multi-account (2020+). Latest v2.x focuses on hybrid cloud.

SEE ALSO

ibmcloud(1), ibmcloud logout(1), ibmcloud target(1), ibmcloud account(1)

Copied to clipboard