<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
How to Reduce the Need to Re-authorize by Opening Device Authorization URL when Using Okta AWS CLI
Jun 24, 2024
Okta Identity Engine
API Access Management
Overview

This article describes how to cache the access token used by Okta AWS CLI so as to reduce the need to open the Device Authorization URL. 

Applies To
Cause
By default, the Okta AWS CLI will prompt the user to re-auth frequently by opening a browser window as governed by the device authorization grant flow.
Solution
When using the Okta AWS CLI, either:
  • pass the --cache-access-token flag to the CLI; 
or
  • set an environment variable (or .env file) to contain the variable OKTA_AWSCLI_CACHE_ACCESS_TOKEN=true.
This will cache the access token at $HOME/.okta/awscli-access-token.json

Recommended content

Still looking for help?
Loading
How to Reduce the Need to Re-authorize by Opening Device Authorization URL when Using Okta AWS CLI