For debugging or even normal day-to-day operations, accessing the Controller’s CLI is often needed using SSH. To access the Avi Load Balancer Controller through SSH, the system admin or a registered user must have a valid token. Note that this token is not the same as the Oauth token. It is an alternative to a password. The system admin can create a temporary token for a user to access resources for a few hours. After that time expires, the token will not work and the user loses access, so there is no need to delete the token. Once a token is created, you can initiate an SSH connection to the Controller using CLI as the SSH user. A CLI shell is created. Once the shell has been created, a login prompt will be displayed. Provide the required username and the token as the password.

To generate the SSO token through the UI, perform the following steps.

Procedure

  1. Login to the Avi Load Balancer UI.
  2. Click the three dots in the top right corner of the dashboard.
  3. Select Generate Token from the drop down menu.


    A pop-up screen appears as shown below.



  4. Enter the Token Lifetime for the token’s validity in hours and click Generate.
    Note:
    • To generate a single use token, enter 0.

    • The maximum value that can be entered in this field is 87600 hours.

    • In case another token is generated before the first one expires, the first token still remains valid.



  5. Copy the generated token for CLI/SSH access.
  6. To delete a token, for example, if you want to decommission an active token, use the DELETE command in the CLI.