Managing users, groups, and AUP agreements

See: IAM Documentation for Administrators: 

Obtaining proxies from IAM

In both cases, ensure that an entry exists for the ATLAS IAM server (voms-atlas-auth.app.cern.ch) in `/etc/vomses`; if not, create an entry with the following content:

"atlas" "voms-atlas-auth.app.cern.ch" "443" "/DC=ch/DC=cern/OU=computers/CN=atlas-auth.web.cern.ch" "atlas"

Obtaining an x.509 proxy

For a VOMS proxy:

voms-proxy-init --vomses voms-atlas-auth.app.cern.ch --voms atlas

For an ARC proxy:

arcproxy --vomses voms-atlas-auth.app.cern.ch --voms atlas

Obtaining a token

1. Start oidc-agent

2. # Get a one-time refresh token (only needed the first time registering; enter the generated code when prompted):
   oidc-gen --flow=device --issuer=https://atlas-auth.web.cern.ch/ --scope-all atlas
   # After the first registration, skip the step above and instead simply add access to the refresh token:
   oidc-add atlas

3. # Obtain the new token:
   oidc-token atlas

More Information:

WLCG AuthZ Documentation