Authorizing Access to the Leap Service#
Ocean’s SDK releases 6.6 and higher enable Leap™ authentication using the secure OAuth 2.0 industry standard. As described in the Configuring Access to the Leap Service (Basic) section, you require a Solver API (SAPI) token from your Leap account to submit problems to Leap solvers. The following procedure authorizes the Ocean software access to your account in the Leap service and enables storing your SAPI token in your development environment. Ocean software authorization to access the Leap service persists across subsequent development sessions for this development environment.
Note
The following OAuth-based procedure is provided for convenience but you also have the option of manually copying your SAPI token from the dashboard in the Leap service. The Configuring Access to the Leap Service (Basic) section provides more information.
This procedure uses the Ocean software CLI commands
that you enter into your terminal. You can see help documentation for these
commands and all their options with the CLI’s --help option.
For any new developer environment (for example, a Python virtual environment or a GitHub Codespaces codespace), authorize the Ocean software access to your account in the Leap service, using the secure OAuth 2.0 code exchange, by running one of the following commands from your terminal.
In an environment such as an IDE installed on your system, where you can access localhost addresses from your browser, initiate the OAuth redirect flow:
dwave auth login
In an environment such as a cloud IDE, where access to localhost addresses from your browser might be blocked, you can initiate the alternative OAuth out-of-band flow:
dwave auth login --oob
If you are not currently logged into the Leap service, you are asked to enter your credentials.
Figure 194 shows the login screen.
Fig. 194 Login screen in the Leap service.#
When you are logged into the Leap service, you are asked to grant the Ocean software permission to fetch an authorization code.
Figure 195 shows the authorization request.
Fig. 195 Authorization request screen.#
Click the
Authorizebutton.For the OAuth redirect flow, the authorization code is now stored in your development environment; for the OAuth out-of-band flow, your browser displays the authorization code.
For the OAuth out-of-band flow only, copy the authorization code to your terminal’s “
Authorization code:” prompt, similar to the representative shell lines shown below:$ dwave auth login --oob Please visit the following URL to authorize Ocean: https://leap.dwavesystems.com/leap/openid/authorize?response_type=code&client_id=96... Authorization code: 717983...
Figure 196 shows the authorization code returned in a browser tab for you to copy to the terminal prompt.
Fig. 196 Authorization code screen#
Create a dwave-cloud-client configuration file to manage your SAPI access by running the following command from your terminal:
dwave config create --auto-token
Validate the configuration by running the following command in your terminal:
dwave ping
If you cloned a D-Wave example, you can now run it.