From fec61394c1f46f4e0cd5af3496f4b4e6cf02cfad Mon Sep 17 00:00:00 2001
From: Karen Etheridge <ether@joyent.com>
Date: Mon, 11 Jan 2021 12:25:55 -0800
Subject: [PATCH] document how to generate credentials in the local database
 for testing purposes

---
 README.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/README.md b/README.md
index fa45efdfb..92affe138 100644
--- a/README.md
+++ b/README.md
@@ -66,6 +66,26 @@ including database connectivity information.
 
 * `make run`
 
+## Creating Local Credentials
+
+First, you need to get a login token into the local database. We can do this by leveraging the
+knowledge that an encrypted password entry of `''` will match against all supplied inputs:
+
+  $ psql -U conch conch --command="insert into user_account (name, password, email) values ('me', '', 'your_email@joyent.com')"
+
+Now, we use this email and password to generate a login token:
+
+  make run
+  curl -i -H'Content-Type: application/json' --url http://127.0.0.1:5001/login -d '{"email":"your_email@joyent.com","password":"anything"}'
+
+You will see output like this:
+
+  {"jwt_token":"eyJInR5cCI6Iwhargarbl.eyJl9pZCI6ImM1MGYwhargarbl.WV3uJEvg0bqInI9pEtl04ZZ8ECN4yQOSmehello"}
+
+Save that token somewhere, such as in an environment variable or a file, for use in future API calls. You will include it in the "Authorization" header, for example:
+
+  curl -i --url https://staging.conch.joyent.us/user/me --header "Authorization: Bearer eyJInR5cCI6Iwhargarbl.eyJl9pZCI6ImM1MGYwhargarbl.WV3uJEvg0bqInI9pEtl04ZZ8ECN4yQOSmehello"
+
 ## Docker
 
 ### Compose