project ticket

ockam project ticket [OPTIONS]

Ockam offers several pluggable enrollment protocols. This command allows project administrators to enroll known identities or create an one-time enrollment ticket that can be used later on the end device to enroll themselves into the project.


  • --identity [IDENTITY_NAME] (optional)
    Run the command as the given identity name

  • --project-path [PROJECT_JSON_PATH] (optional)
    Project config file

  • --trust-context [TRUST_CONTEXT_NAME | TRUST_CONTEXT_JSON_PATH] (optional)
    Trust Context config file

  • --project [PROJECT_NAME] (optional)

  • -m, --member [MEMBER] (optional)

  • -t, --to [TO] (optional)

  • -a, --attribute [ATTRIBUTE] (optional)
    Attributes in key=value format to be attached to the member

  • --expires-in [DURATION] (optional)

  • --usage-count [USAGE_COUNT] (optional)


# To enroll a known identity
$ ockam project ticket --member id_identifier

# To generate an enrollment ticket that can be used to enroll a device
$ ockam project ticket --attribute component=control