open-consul/website/pages/docs/commands/acl/auth-method/create.mdx

---
layout: docs
page_title: 'Commands: ACL Auth Method Create'
sidebar_title: create
---

# Consul ACL Auth Method Create

Command: `consul acl auth-method create`

The `acl auth-method create` command creates new auth methods.

## Usage

Usage: `consul acl auth-method create [options] [args]`

#### API Options

@include 'http_api_options_client.mdx'

@include 'http_api_options_server.mdx'

#### Command Options

- `-description=<string>` - A description of the auth method.

- `-meta` - Indicates that auth method metadata such as the raft indices should
  be shown for each entry.

- `-name=<string>` - The new auth method's name. This flag is required.

- `-type=<string>` - The new auth method's type. This flag is required.

- `-kubernetes-ca-cert=<string>` - PEM encoded CA cert for use by the TLS
  client used to talk with the Kubernetes API. May be prefixed with '@' to
  indicate that the value is a file path to load the cert from. This flag is
  required for `-type=kubernetes`.

- `-kubernetes-host=<string>` - Address of the Kubernetes API server. This flag
  is required for `-type=kubernetes`.

- `-kubernetes-service-account-jwt=<string>` - A Kubernetes service account JWT
  used to access the TokenReview API to validate other JWTs during login. This
  flag is required for `-type=kubernetes`.

- `-format={pretty|json}` - Command output format. The default value is `pretty`.

#### Enterprise Options

@include 'http_api_namespace_options.mdx'

## Examples

Create a new Kubernetes auth method:

```shell
$ consul acl auth-method create -name minikube -type kubernetes \
    -description 'minikube auth method' \
    -kubernetes-host 'https://192.0.2.42:8443' \
    -kubernetes-ca-cert '@minikube-ca.crt' \
    -kubernetes-service-account-jwt 'eyJhbGciOiJSUzI1NiIsImtpZCI...'
Name:         minikube
Type:         kubernetes
Description:  minikube auth method
Config:
{
  "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
  "Host": "https://192.0.2.42:8443",
  "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..."
}
```
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`---`
intro and api navigation converted 2020-04-07 18:55:19 +00:00			`layout: docs`
			`page_title: 'Commands: ACL Auth Method Create'`
remove 'sidebar_current' from frontmatter 2020-04-13 18:40:26 +00:00			`sidebar_title: create`
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`---`

			`# Consul ACL Auth Method Create`

			Command: `consul acl auth-method create`

			The `acl auth-method create` command creates new auth methods.

			`## Usage`

			Usage: `consul acl auth-method create [options] [args]`

			`#### API Options`

intro and api navigation converted 2020-04-07 18:55:19 +00:00			`@include 'http_api_options_client.mdx'`
docs rendering 2020-04-07 23:56:08 +00:00
intro and api navigation converted 2020-04-07 18:55:19 +00:00			`@include 'http_api_options_server.mdx'`
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00
			`#### Command Options`

intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-description=<string>` - A description of the auth method.
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00
intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-meta` - Indicates that auth method metadata such as the raft indices should
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`be shown for each entry.`

intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-name=<string>` - The new auth method's name. This flag is required.
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00
intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-type=<string>` - The new auth method's type. This flag is required.
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00
intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-kubernetes-ca-cert=<string>` - PEM encoded CA cert for use by the TLS
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`client used to talk with the Kubernetes API. May be prefixed with '@' to`
			`indicate that the value is a file path to load the cert from. This flag is`
			required for `-type=kubernetes`.

intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-kubernetes-host=<string>` - Address of the Kubernetes API server. This flag
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			is required for `-type=kubernetes`.

intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-kubernetes-service-account-jwt=<string>` - A Kubernetes service account JWT
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`used to access the TokenReview API to validate other JWTs during login. This`
			flag is required for `-type=kubernetes`.

intro and api navigation converted 2020-04-07 18:55:19 +00:00			- `-format={pretty\|json}` - Command output format. The default value is `pretty`.
Add acl commands -format option to doc. 2020-03-26 16:03:22 +00:00
Add Namespace support to the API module and the CLI commands (#6874) Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent. Add Namespace HTTP API docs Make all API endpoints disallow unknown fields 2019-12-06 16:14:56 +00:00			`#### Enterprise Options`

intro and api navigation converted 2020-04-07 18:55:19 +00:00			`@include 'http_api_namespace_options.mdx'`
Add Namespace support to the API module and the CLI commands (#6874) Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent. Add Namespace HTTP API docs Make all API endpoints disallow unknown fields 2019-12-06 16:14:56 +00:00
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`## Examples`

			`Create a new Kubernetes auth method:`

docs rendering 2020-04-07 23:56:08 +00:00			```shell
docs: add documentation for all secure acl introduction work (#5640) 2019-05-01 21:11:23 +00:00			`$ consul acl auth-method create -name minikube -type kubernetes \`
			`-description 'minikube auth method' \`
			`-kubernetes-host 'https://192.0.2.42:8443' \`
			`-kubernetes-ca-cert '@minikube-ca.crt' \`
			`-kubernetes-service-account-jwt 'eyJhbGciOiJSUzI1NiIsImtpZCI...'`
			`Name: minikube`
			`Type: kubernetes`
			`Description: minikube auth method`
			`Config:`
			`{`
			`"CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",`
			`"Host": "https://192.0.2.42:8443",`
			`"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..."`
			`}`
			```