Log in with the btp CLI is on global account level.
-
Your global account must be on feature set B. See Cloud Management Tools — Feature Set Overview.
-
You need to pass the CLI server URL. Usually, it is proposed during login and you can confirm with [ENTER]:
https://cli.btp.cloud.sap/.Note that in clients up until version 2.49.0, the old server URL
https://cpcli.cf.eu10.hana.ondemand.comis proposed. For the time being, you can use either one, but we recommend to switch tohttps://cli.btp.cloud.sap/. If you are in a private cloud and your operator has provided you with a different server URL, you'll have to enter that one. -
Your user is assigned to the
Global Account Vieweror theGlobal Account Administratorrole collection. See Role Collections and Roles in Global Accounts, Directories, and Subaccounts [Feature Set B]. -
To log on with SAP Universal ID, you need to log on with the single sign-on parameter (
btp login --sso). If you don't want to use single sign-on, log on with the password associated with your account (S-user or P-user) in the default identity provider, SAP ID service. If you've forgotten this password and this user is associated with your SAP Universal ID user, reset your password.For more information, see SAP Note 3085908 and Log in with Single Sign-On.
When you log in to your global account with the btp CLI, a token is created and stored on your computer that allows to close and reopen the command line without losing your login. With each command call, this token is renewed and valid for 12 hours. So, if you take a longer break from working with the btp CLI, you’ll have to log in again. If you want to end your login earlier, you can use btp logout.
We recommend using single sign-on and authenticating directly at your identity provider through a web browser:
btp login --sso
See Log in with Single Sign-On.
To login with a custom identity provider, use:
btp login --sso --idp <TENANT>
See Log in with a Custom Identity Provider.
To log in manually, use btp login. The btp CLI prompts for all login information, but optionally, you can provide the required information as parameters.
Usage: btp [OPTIONS] login [PARAMS]
Parameters
|
|
Opens a browser for single sign-on at the identity provider. The btp CLI doesn't prompt for this parameter. If you use SAP Universal ID, you need to use this parameter. To suppress automatic browser opening, use |
|
|
This parameter is only needed if you want to log in through a custom identity provider. The CLI doesn't prompt for it. If trust is configured between your global account and a custom identity provider, use this parameter to log in through this identity provider by providing its tenant ID. To retrieve the required value, you can run
For more information about using a custom identity provider, see Establish Trust and Federation of Custom Identity Providers for Platform Users [Feature Set B]. |
|
|
The client proposes this CLI server URL: |
|
|
Your user name, usually an email address. |
|
|
Your password. If you have enabled Two-Factor-Authentication, append your token to your password.
|
|
|
In the interactive login, after successful authentication, the btp CLI will offer all of your global accounts so you can select the one to log in to. You can also provide the global account as a parameter by specifying its subdomain. You should have obtained the subdomain from your operator; but you can also find it in the cockpit in the global account view.
|
btp login
If you've logged in before, the server URL, the subdomain, and the user from the last login are suggested. You can then press [Enter] to confirm, or type in different values.
CLI server URL [https://cpcli.cf.eu10.hana.ondemand.com]>
Subdomain [my-global-account]>
User [[email protected]]>
Upon successful login, the btp CLI creates a folder (btp) and a configuration file (config.json) in the default location of your user data directory:
-
Microsoft Windows:
C:\Users<i class="varname"><username>\AppData\Roaming\SAP\btp\config.json -
Apple macOS ;
~/Library/Application Support/.btp/config.json -
Linux:
~/.config/.btp/config.json
To change this location, use the --config option or the environmnet variable. See Specify the Location of the Configuration File.
You’ve logged in to the global account and all commands are executed in this global account, unless you provide a subaccount or directory ID with the command. To change this default context for subsequent commands, you can target a subaccount or directory, or even a different global account by using
btp target. See Set a Target for Subsequent Commands with btp target.
Related Information