This article will explain how to use User Account and Authentication (UAA) CLI (UAAC) to make a request and retrieve the access token.

In order to make this change, follow these steps.

1. Install the User Account and Authentication (UAA) Command Line Interface (UAAC) or SSH to the Ops Manager VM which starting in Ops Manager 1.7 ships with the UAAC tool already installed.

$ gem install cf-uaac 

2. Make sure UAAC is installed. Run this command:

$ which uaac. 

This should give you the location where UAAC is installed.

3.Target your Ops Manager UAA and provide the path to your root CA certificate. Run this command:

$ uaac target https://YOUR-OPSMAN-FQDN/uaa/ --ca-cert YOUR-ROOT-CA.crt
Target: https://YOUR-OPSMAN-FQDN/uaa/. 

4. Get your token with this command:

$ uaac token owner get 

Client ID:  opsman
Client secret:
User name:  admin
Password:  *********
Successfully fetched token via owner password grant.
Target: https://om.deschutes.mini.pez.pivotal.io/uaa
Context: admin, from client opsman 

Use the user name and password you used above to log into the Ops Manager web interface for User name and Password. Click "Enter" for Client secret.

5. Run the following command to display the users and applications authorized by the UAA server, and the permissions granted to each user and application.

$ uaac context
[1][https://YOUR-OPSMAN-FQDN/uaa]
skip_ssl_validation: true
ca_cert: /Users/pivotal/.ssh/YOUR-ROOT-CA.crt
[0]*[admin]
user_id: 75acfdfa-9449-4497-a093-ce40ded250ac
client_id: opsman
access_token: LONG_ACCESS_TOKEN_STRING
token_type: bearer
refresh_token: LONG_REFRESH_TOKEN_STRING
expires_in: 43199
scope: clients.read opsman.user uaa.admin scim.read opsman.admin clients.write scim.write
jti: 8419c793d377429aa40eea07fb6e7686