*condor_test_token*
===================

Create a short-lived SciToken to authenticate with local HTCondor daemons
:index:`condor_test_token<single: condor_test_token; HTCondor commands>`
:index:`condor_test_token command`

Synopsis
--------

**condor_test_token** [**--help**]

**condor_test_token**
**--issuer** *issuer-url*
**--scope** *scopes*
[**--subject** *subject*]
[**--lifetime** *lifetime*]
[**--audience** *audience*]
[**--cache** *cache-location*]

Description
-----------

*condor_test_token* generates a temporary signing key, adds it to the
local SciTokens cache for the given issuer, creates a short-lived
token signed by the key, and prints the token to stdout.
Local HTCondor daemons will treat this token like any reguluar token
generated by the given issuer for a short period of time (one hour).

If the HTCondor daemons were started as root, then the tool must be
run as the condor user.

Options
-------

 **--help**
    Display usage information
 **--issuer** *issuer-url*
    Specify the issuer to impersonate
 **--scope** *scopes*
    Specify the scope claim for the token
 **--subject** *subject*
    specify the sub claim for the token (default is no sub claim)
 **--lifetime** *lifetime*
    Specify the lifetime of the token in seconds (default 1 hour)
 **--audience** *audience*
    Specify the aud claim for the token (default is no aud claim)
 **--cache** *cache-location*
    Specify the SciTokens cache location (default is to find cache via
    HTCondor configuration files)

Examples
--------

To create a SciToken with WRITE-level access for user Alice that
appears to be issued by the SciTokens demo issuer:

.. code-block:: console

    $ condor_test_token --issuer https://demo.scitokens.org \
        --scope condor:/WRITE --sub alice@foo.org --aud ANY

Exit Status
-----------

*condor_test_token* will exit with a status value of 0 (zero) upon
success, and it will exit with the value 1 (one) upon failure.