Create the Bootstrap Token

The bootstrap token is a token that allows you to access the API resources of an Organization after the Organization has been created. You use the bootstrap token to set up authentication for the Organization.

In practice you need the bootstrap token to create an organization and to set up the first user with Organization.MANAGE permissions, after the setup you can use this user for setting up everything else.

Create the Bootstrap Token

To create the bootstrap token, do the following:

  1. Construct a token string.
  2. Encode the token string using Base64.

Construct a Token String

To construct the token string, use the following format:



  • <adminUser> is the username of the Organization administrator. <adminUser> is defined in the YAML definition of the Organization custom resource.

  • <adminPassword> is the password of the Organization administrator. <adminPassword> was created when you generated its salted hash for the YAML definition of the Organization custom resource.

    To construct the token string, use the administrator’s password in plain text, not its salted hash.

Example: If your administrator’s username is admin and the administrator’s password is MySecretPassword, the token string should be constructed as follows:


Encode the Token String Using Base64

To encode the token string using Base64, use one of the following methods:

  • From the command line, run the following command (admin and MySecretPassword are used as an example administrator’s username and password in the following code sample):

    echo -n 'admin:bootstrap:MySecretPassword' | base64

    Make sure to keep the -n option in the echo command. The -n option suppresses a newline at the end of the generated string. If the -n option is not included in the command, the resulting token will not be valid.

  • Use any free online tool for Base64 encoding (for example,, where the encoding is done on the client’s side and the password is not sent anywhere).

The bootstrap token looks similar to the following:


Copy and store the bootstrap token. Because the bootstrap token grants unlimited access to the Organization, keep it safe.