.. meta::
   :description: The tl-sso-password command integrates ThinLinc's
                 single sign-on with new applications, allowing password
                 retrieval and validation, with options for password
                 removal after use.

.. raw:: pdf

   PageBreak

tl-sso-password
===============

Synopsis
--------

**tl-sso-password** [*options*]

Description
-----------

The :program:`tl-sso-password` command can be used to hook up the single
sign-on mechanism of ThinLinc with new applications. It can be used to
test for the presence of a valid password and to feed that password out
on standard output to another application.

To check for the existence of a valid password, invoke the command as
:option:`tl-sso-password --check`. A return code of zero indicates a
valid password.

If the :option:`--remove` option is specified, the password will be
removed, after the retrieval or check.

There are two basic models to connect :program:`tl-sso-password` to an
application. The first is to use shell pipes:

.. code:: console

   $ tl-sso-password | /usr/bin/application --read-password-on-stdin

The second is to have the application invoke :program:`tl-sso-password`
as needed:

.. code:: console

   $ /usr/bin/application --password-prog tl-sso-password

Options
-------

.. option:: -c, --check

   Returns 0 if password is available, instead of fetch.

.. option:: -h, --help

   Prints a short help text and exits.

.. option:: -r, --remove

   Removes the password after fetch or check.

.. option:: --version

   Prints the ThinLinc version and exits.

See also
--------

:program:`tl-sso-token-passphrase`\ (1)
