We’re excited to share a new, easy way to authenticate the FOSSA CLI. Our friends at 1Password have released a shell plugin that will enable FOSSA users to authenticate with a simple fingerprint scan.
Although there are multiple ways to use FOSSA’s open source management products, many of our customers prefer the FOSSA CLI. This is because our CLI offers the most performant, accurate, and secure method of integration. Additionally, it provides accurate and permanent build results and doesn’t require you to give FOSSA servers access to your code,
And, with 1Password’s shell plugin, you can now securely authenticate the FOSSA CLI with your fingerprint or system authentication, rather than storing your credentials in plaintext.
This plugin supports the Bash, Zsh, and Fish shells.
First, make sure you have a FOSSA account — if you don't, you can sign up by clicking the "create your FOSSA account" link above.
Then, make sure you’ve installed the FOSSA CLI. If you haven’t, visit our docs to get started.
If you don’t currently have a 1Password account, sign up by visiting this link. Then, follow these steps:
- Install 1Password 8 for Mac or Linux
- Add your accounts to the app
- Install 1Password CLI 2.9.0 or later; If you've already installed 1Password CLI, update your installation
- Connect 1Password CLI with the 1Password app
Step 1: Import/Select Credentials
Get started by opening the terminal and entering the following command:
$ op plugin init fossa
The next step will depend on whether your FOSSA credentials are already in 1Password.
If your FOSSA credentials aren’t in 1Password
Select “Import into 1Password.” 1Password will either detect your credentials and prompt you to import them, or you’ll be asked to enter them manually.
If you need to enter your credentials manually, you’ll want to log into your FOSSA account, visit your Account Settings, and then create an API token.
Once you’ve imported your credentials, you'll be asked to name your new 1Password item and pick the vault where you want to save it.
If your FOSSA credentials are already in 1Password
Select Search; this will produce a list of related items (and vaults where they’re saved). If your credentials don’t appear, select “Expand search” to list all items in your account
Step 2: Set Your Default Credential Scope
Once you’ve selected (or imported) your credentials, 1Password will prompt you to configure when to use the item to authenticate FOSSA.
Per 1Password’s documentation, the configuration options can be explained as follows:
- "Prompt me for each new terminal session" will only configure the credentials for the duration of the current terminal session. Once you exit the terminal, the default will be removed.
- "Use automatically when in this directory or subdirectories" will make the credentials the default in the current directory and all of its subdirectories, as long as no other directory-specific defaults are set in them. A terminal-session default takes precedence over a directory-specific one.
- "Use as global default on my system" will set the credentials as the default in all terminal sessions and directories. A directory-specific default takes precedence over a global one.
Step 3: Source the plugins.sh File
To make 1Password’s Shell plugin available, you’ll need to source your plugins.sh file. For example:
The file path for your
op folder may vary, but running
op plugin init will output a source command with the correct file path. For more examples, reference 1Password’s documentation.
Step 4: Run the FOSSA CLI
Once you’ve completed the above steps, 1Password will prompt you to authenticate the next time you enter a command in your FOSSA CLI.
After saving your FOSSA credentials in 1Password, you can remove all local copies you previously had stored on disk.
If you’re having any trouble setting up this fingerprint authentication, please feel free to reference 1Password’s documentation. Or, if you have any questions about using FOSSA’s CLI (or signing up for a paid FOSSA account), please contact our team (or reach out to your customer success representative).