NAME

       gfal-token - retrieve SE-issued token for a given path

SYNOPSIS

       gfal-token [ OPTION ]...  PATH [ ACTIVITY ]...

DESCRIPTION

       gfal-token  This  command  retrieves  a  Storage  Element  issued  token for a given path.
       Additionally, a token issuer URL may be passed.  The command can take  either  a  list  of
       user-defined  activities  or  use  predefined  activities  for the read/write access flag.
       Behind the scenes, Gfal2 will try to first retrieve a SciTokens-style token, followed by a
       macaroon-style token.  If at any point, a token is successfully retrieved, operation stops
       and the token is printed.

OPTIONS

       -h, --help
              show help about the command.

       -V, --version
              output version information and exit.

       -v, --verbose
              verbose mode. Repeat up to 3 times for the most verbose mode.

       -D, --definition DEFINITION
              define   properties   for   gfal2.   Definitions   have   the   following   syntax:
              "CONFIG_GROUP:KEY=VALUE"

       -t, --timeout TIMEOUT
              global  timeout  for  the  execution of the command. Command is interrupted if time
              expires before it finishes. Note: A grace period of 30  seconds  is  given  to  the
              global timeout.

       -E, --cert CERT
              user  certificate. (This option takes effect only after X509_USER_PROXY environment
              variable and default /tmp/x509up_u`id -u` location cannot provide a certificate)

       --key KEY
              user private key.

       -4     forces Gfal2 to use IPv4 addresses only. (Option valid only for GridFTP protocol)

       -6     forces Gfal2 to use IPv6 addresses only. (Option valid only for GridFTP protocol)

       -C, --client-info CLIENT_INFO
              provide custom client-side information.

       --log-file LOG_FILE
              write Gfal2 library logs to the given file location.

       --issuer ISSUER
              token issuer endpoint.

       --validity VALIDITY
              token validity expressed in minutes.

       -w, --write
              token read/write access flag. Default activities associated with these flags:  read
              = [LIST,DOWNLOAD], write = [LIST,DOWNLOAD,MANAGE,UPLOAD,DELETE]

       PATH   resource URI for which token is requested.

       ACTIVITY
              optional  argument,  user-specified  activity list. This list takes precedence over
              the read/write access flag default activities.

EXAMPLES

       Retrieve a SE-issued token using default write activities
              gfal-token --write https://endpoint.cern.ch/path/file

       Retrieve a SE-issued token using custom activities
              gfal-token https://endpoint.cern.ch/path/file LIST MANAGE UPLOAD

FILES

       /etc/gfal2.d/*
              All configuration files in this directory affect the  behavior  of  the  underlying
              gfal2.

AUTHORS

       Duarte Meneses <duarte.meneses@cern.ch>
       Adrien Devresse <adrien.devresse@cern.ch>
       Alejandro Alvarez Ayllon <alejandro.alvarez.ayllon@cern.ch>
       Andrea Manzi <andrea.manzi@cern.ch>
       Mihai Patrascoiu <mihai.patrascoiu@cern.ch>
       Joao Lopes <joao.pedro.batista.lopes@cern.ch>

SEE ALSO

       gfal-cat(1), gfal-chmod(1), gfal-copy(1), gfal-ls(1), gfal-mkdir(1), gfal-rename(1), gfal-
       rm(1),  gfal-save(1),  gfal-stat(1),  gfal-sum(1),  gfal-token(1),  gfal-xattr(1),   gfal-
       evict(1), gfal-bringonline(1), gfal-archivepoll(1)