project enroll


ockam project enroll [OPTIONS] [ENROLLMENT TICKET PATH | ENROLLMENT TICKET]

Ockam offers several pluggable enrollment protocols. One simple option is to use one-time-use enrollment ticket. This is a great option to enroll large fleets of applications, service, or devices. It is also easy to use with automated provisioning scripts and tools.

With this command you can use an enrollment ticket generated with the ockam project ticket command to enroll an identity to a project.

Arguments

  • [ENROLLMENT TICKET PATH | ENROLLMENT TICKET] (optional)

Options

  • --okta (optional)

  • --identity [IDENTITY_NAME] (optional)
    Run the command as the given identity name

  • --project-path [PROJECT_JSON_PATH] (optional)
    Project config file

  • --trust-context [TRUST_CONTEXT_NAME | TRUST_CONTEXT_JSON_PATH] (optional)
    Trust Context config file

  • --project [PROJECT_NAME] (optional)

  • --new-trust-context-name [NEW_TRUST_CONTEXT_NAME] (optional)
    Name of the new trust context to create, defaults to project name

  • --force (optional)
    Execute enrollment even if the trust context already exists

Examples

# From the admin machine, generate an enrollment ticket
$ ticket=$(ockam project ticket --attribute component=user)

# From the user machine, enroll the local identity to the project using the enrollment ticket
$ ockam project enroll $ticket --identity control_identity