usage: rucio [-h] [--version] [--config CONFIG] [--verbose] [-H ADDRESS]
[--auth-host ADDRESS] [-a ISSUER] [-S AUTH_STRATEGY] [-T TIMEOUT]
[--user-agent USER_AGENT] [--vo VO] [-u USERNAME] [-pwd PASSWORD]
[--oidc-user OIDC_USERNAME] [--oidc-password OIDC_PASSWORD]
[--oidc-scope OIDC_SCOPE] [--oidc-audience OIDC_AUDIENCE]
[--oidc-auto] [--oidc-polling]
[--oidc-refresh-lifetime OIDC_REFRESH_LIFETIME]
[--oidc-issuer OIDC_ISSUER] [--certificate CERTIFICATE]
[--client-key CLIENT_KEY] [--ca-certificate CA_CERTIFICATE]
{account,config,did,download,replica,rse,rule,scope,subscription,upload,ping,whoami,lifetime-exception,test-server}
...
CLI Rucio Client. (Use --legacy to view CLI from <36.0)
positional arguments:
{account,config,did,download,replica,rse,rule,scope,subscription,upload,ping,whoami,lifetime-exception,test-server}
Command to execute, see `{command} -h` for more
details and subcommands.
optional arguments:
-h, --help show this help message and exit
Main Arguments:
--version show program's version number and exit
--config CONFIG The Rucio configuration file to use.
--verbose, -v Print more verbose output.
-H ADDRESS, --host ADDRESS
The Rucio API host.
--auth-host ADDRESS The Rucio Authentication host.
-a ISSUER, --account ISSUER
Rucio account to use.
-S AUTH_STRATEGY, --auth-strategy AUTH_STRATEGY
Authentication strategy (userpass, x509...)
-T TIMEOUT, --timeout TIMEOUT
Set all timeout values to seconds.
--user-agent USER_AGENT, -U USER_AGENT
Rucio User Agent
--vo VO VO to authenticate at. Only used in multi-VO mode.
Authentication Settings:
-u USERNAME, --user USERNAME
username
-pwd PASSWORD, --password PASSWORD
password
--oidc-user OIDC_USERNAME
OIDC username
--oidc-password OIDC_PASSWORD
OIDC password
--oidc-scope OIDC_SCOPE
Defines which (OIDC) information user will share with
Rucio. Rucio requires at least -sc='openid profile'.
To request refresh token for Rucio, scope must include
'openid offline_access' and there must be no active
access token saved on the side of the currently used
Rucio Client.
--oidc-audience OIDC_AUDIENCE
Defines which audience are tokens requested for.
--oidc-auto If not specified, username and password credentials
are not required and users will be given a URL to use
in their browser. If specified, the users explicitly
trust Rucio with their IdP credentials.
--oidc-polling If not specified, user will be asked to enter a code
returned by the browser to the command line. If
--polling is set, Rucio Client should get the token
without any further interaction of the user. This
option is active only if --auto is *not* specified.
--oidc-refresh-lifetime OIDC_REFRESH_LIFETIME
Max lifetime in hours for this access token; the token
will be refreshed by an asynchronous Rucio daemon. If
not specified, refresh will be stopped after 4 days.
This option is effective only if --oidc-scope includes
offline_access scope for a refresh token to be granted
to Rucio.
--oidc-issuer OIDC_ISSUER
Defines which Identity Provider is going to be used.
The issuer string must correspond to the keys
configured in the /etc/idpsecrets.json auth server
configuration file.
--certificate CERTIFICATE
Client certificate file.
--client-key CLIENT_KEY
Client key for x509 Authentication.
--ca-certificate CA_CERTIFICATE
CA certificate to verify peer against (SSL).