Client-side single-signon script.

Usage Notes

Triggers of type auth-check-sso fire when standard users run the p4 login command. Two scripts are run: a client-side script is run on the user's workstation, and its output is passed (in plaintext) to the Perforce Server, where the server-side script runs.

  • On the user's client workstation, a script (whose location is specified by the P4LOGINSSO environment variable) is run to obtain the user's credentials or other information verifiable by the Perforce Server. The P4LOGINSSOcontains the name of the client-side script and zero or more of the following trigger variables, passed as parameters to the script: %user%, %serverAddress%, and %P4PORT%. For example,

    export P4LOGINSSO="/path/to/sso-client.sh %user% %serverAddress% %P4PORT%"

    Where %user% is the Perforce client user, %serverAddress% is the address of the target Perforce server, and %P4PORT% is an intermediary between the client and the server.

  • On the server, the output of the client-side script is passed to the server-side script as standard input. The server-side script specified in the trigger table runs, and the server returns an exit status of 0 if successful.

    With a distributed configuration in which a proxy or broker acts as an intermediary between the client and the server, the %serverAddress% variable will hold the address/port of the server and the %P4PORT% variable will hold the port of the intermediary. It is up to the script to decide what to do with this information.

Used by Client?

Used by Server?

Command-Line Alternative

Can be set in P4CONFIG file?





Value if not Explicitly Set

Operating System







For further information, see the Perforce Server Administrator's Guide: Fundamentals.