Skip the UI: Driving AWX Entirely From the Command Line
Generating Tokens From an Application
OAuth2 applications in AWX belong to an organization, and only members of that organization can create tokens against them. That gives you a clean way to group integrations: one application per external system (Jenkins, ServiceNow, an internal portal), owned by the team that runs it.
Create one now in the AWX UI to generate a token you can use with the CLI.
Here are the options you need to configure when creating an application:
- Name:
Nebula Auth - Description:
An application for authenticating Nebula users - Organization:
Nebula - Authorization Grant Type:
Resource Owner Password-Based - Redirect URIs: Leave it empty
- Client Type:
Confidential
You should save the Client ID and Client Secret that are generated when you create the application. These are used to authenticate with the API. Note that the secret is only displayed once, so make sure to save it in a secure location.
Now, let's authenticate the AWX CLI using the application we created. You need to export the following environment variables:
export TOWER_HOST=
export TOWER_CLIENT_ID=
export TOWER_CLIENT_SECRET=
export TOWER_USERNAME=
export TOWER_PASSWORD=
We're going to test against a user from the Nebula organization such as nebula_dev1 that we created in the very first parts of this guide.
This is an example:
exportAWX in Action
Ansible Orchestration at ScaleEnroll now to unlock all content and receive all future updates for free.