In our CICD pipelines, we used to authorize devhub first using sfdx auth url and then create scratch orgs using same devhub. We use the command "sfdx force:org:display --verbose" to get the sfdx auth urls of the scratch orgs which we subsequently use for other CI processes in the pipeline. We thought of switching to JWT bearer flow to authorize devhub due to the frequent expiration of the refresh token which disrupts the pipelines.
We were successfully able to authorize the devhub using the JWT approach but after that on using "sfdx force:org:display --verbose" command, we are not able to get the sfdx auth url for the scratch org. I read and found that it is an expected behavior. Since all our pipelines are already set up, now authorizing scratch org with another approach would require a major pipeline design change. Is there any workaround to generate the sfdx auth url for the scratch orgs after authorizing devhub with JWT flow?
you can use https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_auth_view_info.htm
but instead of using a
sfdx force:org:display -u my-scratch-org --verboseuse a
sfdx force:org:display -u username@scratchorg --verbose --json > ScratchOrgForceUrl.jsonwhich generate a forceUrl json which can use it to authorize using
Here is more in documentation
https://developer.salesforce.com/docs/atlas.en-us.sfdx_cli_reference.meta/sfdx_cli_reference/cli_reference_auth_sfdxurl.htm