Use environment variables to manage passwords in ACLI
- Technical Communications
- Cristina Szilágyi (Deactivated)
Many ACLI actions require authentication using a password or cloud token. While you can include credentials in your custom start scripts to avoid entering them each time, this approach can expose sensitive information. On some operating systems, administrators can still view commands running in memory, including any embedded passwords.
To reduce this risk, ACLI supports using environment variables to securely reference passwords without exposing them on the command line.
Use environment variables for credentials
You can substitute the following environment variables in place of passwords or tokens by using the @ symbol in the CLI command.
Environment Variable | Substitutes For |
|---|---|
|
|
|
|
|
|
Use environment variables in property files (recommended)
Starting with ACLI 8.8, you can reference environment variables directly in your property file configuration using standard syntax. This is the recommended method for managing sensitive information and is expected to fully replace the older environment variable support in future releases.
Example property file entries:
myjira = jira https://jira.examplegear.com -u automation -p ${MY_PASSWORD}
cloud = https://examplegear.atlassian.net --user automation@examplegear.com --token ${MY_ATLASSIAN_CLOUD_TOKEN}
Using this method lets you centralize and securely manage credentials while keeping your automation scripts clean and portable.