New Interested in participating in the HCP Waypoint Private Beta Program? Apply here
  • Infrastructure
    • terraform
    • packer
  • Networking
    • consul
  • Security
    • vault
    • boundary
  • Applications
    • nomad
    • waypoint
    • vagrant
  • HashiCorp Cloud Platform

    A fully managed platform to automate infrastructure on any cloud with HashiCorp products.

    • consul
    • terraform
    • vault
    • packerbeta
    Visit cloud.hashicorp.com
  • Overview
  • Tutorials
  • Docs
  • CLI
  • Plugins
  • Community
GitHub
Download
    • Overview
      • Overview
      • Helm
      • Heroku, Vercel, etc.
      • Kubernetes
  • Getting Started
    • Overview
    • Compatibility Promise
    • Protocol Version Table
    • Release Notifications
      • Overview
      • Upgrade to 0.2.0
      • Upgrade to 0.3.0
      • Upgrade to 0.4.0
      • Upgrade to 0.5.0
      • Upgrade to 0.6.0
      • Upgrade to 0.7.0
      • Upgrade to 0.8.0

    • Install
    • Externally Built Images
    • Building Container Images
    • Helm Deployment
    • YAML-Free Deployment
    • YAML Directory Deployment
    • Resource Status
    • ConfigMaps and Secrets

    • Overview
    • Git Integration
    • Remote Operations
    • Overview
    • Build
    • Deploy
    • Release
    • Hooks
    • Labels
    • Workspace and Label Scoping
    • Overview
      • Overview
      • Input Variables
      • External Data
      • artifact
      • deploy
      • entrypoint
      • labels
      • path
      • workspace
      • Overview
      • Full Reference
      • Templating
      • Overview
      • Expressions
      • JSON Syntax
    • app
    • build
    • config
    • deploy
    • hook
    • plugin
    • registry
    • release
    • runner
    • url
    • use
    • variable
  • URL Service
  • Logs
  • Exec
    • Overview
    • Dynamic Values
    • Files
    • Internal Values
    • Workspace and Label Scoping
    • Overview
      • Overview
      • OIDC
      • Tokens
      • Overview
      • Maintenance
      • Production
      • Security
    • Express Server Install
    • Overview
    • Configuration
    • Profiles
    • On-Demand Runner
    • Additional Runners
  • Workspaces
  • Plugins
  • Triggers

    • Overview
      • Overview
      • Registering Plugin Components
      • Handling Configuration
      • Implementing the Builder Interface
      • Compiling the Plugin
      • Creating an Example Application
      • Testing the Plugin
    • Initializing the SDK
    • Passing Values Between Components
      • Overview
      • Authenticator
      • ConfigSourcer
      • Configurable
      • ConfigurableNotify
      • Builder
      • Registry
      • Platform
      • ReleaseManager
      • Destroy
      • Status
      • Default Parameters
      • Overview
    • Overview
    • Disable
    • Overview
    • GitHub Actions
    • GitLab CI/CD
    • CircleCI
    • Jenkins
  • Troubleshooting
  • Glossary

    • Overview
    • Architecture
    • Operation Execution
  • Roadmap
Type '/' to Search

»Server Authentication

All connections to the Waypoint server via the CLI or UI require authentication. Waypoint supports authentication using an API token or via OpenID Connect (OIDC). OIDC allows Waypoint to use existing accounts from providers such as Google, Okta, GitLab, and more.

If you're a new user that ran waypoint install, the auth token was automatically configured for your local CLI. As a next step, we recomend setting up OIDC.

»Logging In

To log in in the Waypoint UI, open the UI in your browser and follow the onscreen instructions.

»Invite Teammates

If using OIDC, other teammates can attempt to authenticate using the UI or waypoint login. This will create a new account if they're allowed to authenticate.

For tokens, use the waypoint user invite CLI command with the -username flag. This will create an invite token that can be exchanged for a token for a specific user.

To invite a new user alice:

$ waypoint user invite -username=alice
svESKuVYKeLkgFP3heNanrhvwiMfxfM7q7d3m8UTU3fTDwetfq9vMsBtdqeRmKakXZXJjLDinApxkDcVe594vR2FfVeF3m6gupZ8NVcSC
$ waypoint user invite -username=alice
svESKuVYKeLkgFP3heNanrhvwiMfxfM7q7d3m8UTU3fTDwetfq9vMsBtdqeRmKakXZXJjLDinApxkDcVe594vR2FfVeF3m6gupZ8NVcSC

After giving Alice the invite token, they can setup their account using the standard waypoint login flow.

»Revoke, Inspect, etc.

Waypoint currently doesn't have any mechanism to revoke sessions, audit token usage, inspect existing sessions, etc. We plan on expanding our authentication system to support this in the future.

github logoEdit this page

Using Waypoint

The best way to understand what Waypoint can enable for your projects is to give it a try.

Waypoint tutorials
Waypoint documentation
Tutorial

Get Started - Kubernetes

Build, deploy, and release applications to a Kubernetes cluster.

View
Tutorial

Introduction to Waypoint

Waypoint enables you to publish any application to any platform with a single file and a single command.

View

Waypoint is maintained by HashiCorp, Inc.

View Code of Conduct
DocumentationCLI ReferenceTutorialsIntegrations
All systems normal