Your submission was sent successfully! Close

Snapcraft experimental login – new, secure Web-based authentication method

Some Snapcraft operations mandate that users identify themselves. For example, if you want to push your snap to the Snap Store, you need to login on the command line. The process relies on the internal login mechanism built into Snapcraft.

A preview functionality for a new Web-based authentication flow is available as an experimental feature in Snapcraft since release 4.6. This allows you to complete the login process in a simple, secure manner using the browser, and extends the macaroon-based authentication currently in use.

Get started

To try the experimental login feature, make sure you have the relevant release of Snapcraft installed. The easiest way is to refresh Snapcraft from the edge channel. Then, on the command line, your login procedure will look like this:

snapcraft login --experimental-login
Opening an authorization web page in your browser.

If it does not open, please open this URL:
https://api.jujucharms.com/identity/login?did=c0cf2e16bc2244001945a6b3fe6d56c4e35a8401a3678ecff9fce89ef6cd2583

Snapcraft should forward the query to your default browser and open the login page, where you can then identify. This could be Ubuntu SSO, optional MFA, and any other methods that you would use. Once you complete the authentication, you will see another line printed on the command line.

Login successful.

If you do not wish to use the experimental login feature anymore, you first need to logout and have the credentials cleared, and then, you can go back to the standard login process.

snapcraft logout
Credentials cleared.

In scenarios where the Web-based access may be restricted, developers can export the credentials with the export-login [file] command, and then use them on other systems by passing on the –with creds-file option to snapcraft login.

Summary

The experimental login allows Snapcraft users to authenticate through a Web-based flow. This provides extensibility and security that goes beyond the classic command-line login. However, in some scenarios, the Web-based method may not be ideal or available, which is why Snapcraft also allows the export of credentials, offering additional flexibility to the users. If you’d like to test the feature and provide feedback, please take Snapcraft for a spin, join our forum, and let us know your findings.

Photo by CDC on Unsplash.

Talk to us today

Interested in running Ubuntu in your organisation?

Newsletter signup

Select topics you're
interested in

In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.

Related posts

Snap usage metrics now available on the command line

For years now, developers and publishers could view how well their snaps are performing in terms of usage and popularity through the Snap Store Web interface,...

Snapcraft offline mode – Build snaps while saving data

As part of the snap creation cycle, the Snapcraft tool creates isolated build instances inside which all of the necessary work – download of sources,...

Better snap metadata handling coming your way soon

Open the Snap Store, click on any application you like – you will now see a page full of useful tidbits – screenshots and videos, application description,...