Skip to content

orca auth

Inspect tokens and authentication details.

The reference below is generated from the live CLI by mkdocs-click. It always reflects the version installed.

orca auth

Keystone identity & access diagnostics.

Usage:

orca auth [OPTIONS] COMMAND [ARGS]...

Options:

Name Type Description Default
--help boolean Show this message and exit. False

Subcommands

  • check: Verify credentials are still valid (password check).
  • token: Inspect or revoke the current token.
  • token-debug: [deprecated, use 'auth token debug' instead]
  • token-revoke: [deprecated, use 'auth token revoke' instead]
  • whoami: Show current identity — user, project, roles, endpoints.

orca auth check

Verify credentials are still valid (password check).

Tests authentication against Keystone without running any command. Use before long scripts to fail fast.

Examples: orca auth check # check active profile orca auth check --all # check every orca profile orca auth check --clouds # also check clouds.yaml entries

Usage:

orca auth check [OPTIONS]

Options:

Name Type Description Default
--all, -a boolean Check all profiles, not just the active one. False
--clouds boolean Also check clouds.yaml entries. False
--help boolean Show this message and exit. False

orca auth token

Inspect or revoke the current token.

Usage:

orca auth token [OPTIONS] COMMAND [ARGS]...

Options:

Name Type Description Default
--help boolean Show this message and exit. False

Subcommands

  • debug: Inspect the current token — roles, catalog, methods, expiration.
  • revoke: Revoke a token.
orca auth token debug

Inspect the current token — roles, catalog, methods, expiration.

Shows everything Keystone returned in the token payload. Use --raw for the full JSON dump.

Examples: orca auth token debug orca auth token debug --raw

Usage:

orca auth token debug [OPTIONS]

Options:

Name Type Description Default
--raw boolean Print the full token body as JSON. False
--help boolean Show this message and exit. False
orca auth token revoke

Revoke a token.

Example: orca auth token revoke

Usage:

orca auth token revoke [OPTIONS] TOKEN

Options:

Name Type Description Default
--help boolean Show this message and exit. False

orca auth token-debug

Inspect the current token — roles, catalog, methods, expiration.

Shows everything Keystone returned in the token payload. Use --raw for the full JSON dump.

Examples: orca auth token debug orca auth token debug --raw

Usage:

orca auth token-debug [OPTIONS]

Options:

Name Type Description Default
--raw boolean Print the full token body as JSON. False
--help boolean Show this message and exit. False

orca auth token-revoke

Revoke a token.

Example: orca auth token revoke

Usage:

orca auth token-revoke [OPTIONS] TOKEN

Options:

Name Type Description Default
--help boolean Show this message and exit. False

orca auth whoami

Show current identity — user, project, roles, endpoints.

Fast summary of who you are and what you can do, without listing all resources.

Examples: orca auth whoami orca -P staging auth whoami

Usage:

orca auth whoami [OPTIONS]

Options:

Name Type Description Default
--help boolean Show this message and exit. False