auth

The auth command group provides commands for managing authentication with the Ocuroot server. Authentication tokens can be stored either globally or locally within a source repository. The OCUROOT_API_KEY environment may also be used for authentication within a third-party CI platform.

Order of precedence for authentication:

  1. OCUROOT_API_KEY environment variable
  2. Local repository auth file (~/.ocuroot/auth)
  3. Global auth file (~/.ocuroot/auth)

Commands

login

ocuroot auth login [--local]

Login to Ocuroot using your browser. This will open your default browser to complete the authentication process. After successful authentication, the server will redirect to a local endpoint to save your credentials.

Options:

  • --local: Store credentials in the local repository’s .ocuroot/auth file instead of globally in ~/.ocuroot/auth

logout

ocuroot auth logout [--local]

Remove stored authentication credentials. If using the OCUROOT_API_KEY environment variable, you will be warned that it will still be used for authentication.

Options:

  • --local: Remove credentials from the local repository’s .ocuroot/auth file instead of globally from ~/.ocuroot/auth

view

ocuroot auth view [--local]

View current authentication status and token source. This will show:

  • Whether you’re using an environment variable token or a stored token file
  • The location of the token
  • The organization associated with the token
  • The identity (user or service account) associated with the token

Options:

  • --local: Check for credentials in the local repository’s .ocuroot/auth file instead of globally in ~/.ocuroot/auth

Examples

Login and store credentials globally:

ocuroot auth login

Login and store credentials in the current repository:

ocuroot auth login --local

View current authentication status:

ocuroot auth view

Remove stored credentials:

ocuroot auth logout
version