From ee74c5f5b2ce1bbe54bb018867e2e5a3ee45fa5b Mon Sep 17 00:00:00 2001
From: Megan Guiney <meganmguiney@gmail.com>
Date: Tue, 25 Jul 2017 14:37:50 -0700
Subject: [PATCH] Add token auth instructions to documentation

Token authentication was added to RefStack in February, but the
refstack-client documentation had not been changed to show how to
generate and test these tokens.

Change-Id: Ied40c950d7c6b9318dfaba1f729508e3a986ca02
---
 README.rst | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/README.rst b/README.rst
index a4d87b7..b589468 100644
--- a/README.rst
+++ b/README.rst
@@ -127,7 +127,20 @@ Usage
    signature can be found at
    https://github.com/openstack/refstack/blob/master/doc/source/uploading_private_results.rst
 
-7. List uploaded test set.
+7. Create a JSON web token to use for authentication to your privately
+   uploaded data
+
+   In order to authenticate to the refstack-server to which you have uploaded
+   your data, you will need to generate a JSON webtoken. To generate a valid
+   token, use the command::
+
+       jwt --key="$( cat %path to private key% )" --alg=RS256 user_openid=%openstackid% exp=+100500
+
+   To test authentication in the API, use the command::
+
+       curl -k --header "Authorization: Bearer %token%" https://localhost.org/v1/profile
+
+8. List uploaded test set.
 
    You can list previously uploaded data from a RefStack API server by using
    the following command::