Vibengine
CLI

CLI Authentication

Authenticate with the Vibengine CLI

CLI Authentication

The ve auth commands manage your CLI credentials. You need to authenticate before using sandbox or template commands.

Login

Start the browser-based authentication flow:

ve auth login

This opens your default browser to https://vibengine.ai/auth/cli, where you sign in with your Vibengine account and authorize the CLI. Once authorized, the CLI stores your credentials locally.

$ ve auth login
Opening browser to https://vibengine.ai/auth/cli...
Waiting for authentication...
✓ Logged in as jack@example.com

If the browser does not open automatically, copy the URL printed in the terminal and paste it into your browser manually.

Login with an API Key

If you prefer not to use the browser flow (for example, on a headless server), you can provide an API key directly:

ve auth login --api-key ve_sk_abc123...

This stores the API key in the same credential file as the browser-based flow.

Logout

Remove stored credentials from your machine:

ve auth logout
$ ve auth logout
✓ Logged out successfully. Credentials removed.

Check Current Identity

Verify which account is currently authenticated:

ve auth whoami
$ ve auth whoami
Email:   jack@example.com
Team:    Jack's Team
Plan:    Pro
API Key: ve_sk_...abc1 (last 4 chars)

If no credentials are stored, the command exits with an error:

$ ve auth whoami
✗ Not authenticated. Run `ve auth login` first.

Using Environment Variables

Instead of logging in, you can set the VE_API_KEY environment variable. This is the recommended approach for CI/CD pipelines and automated workflows.

export VE_API_KEY=ve_sk_abc123...

Or pass it inline:

VE_API_KEY=ve_sk_abc123... ve sandbox list

Never commit your API key to version control. Use environment variables or secret management tools in CI/CD environments.

Credential Storage

The CLI stores credentials in a local configuration file:

OSPath
macOS~/.config/vibengine/credentials.json
Linux~/.config/vibengine/credentials.json
Windows%APPDATA%\vibengine\credentials.json

The file contains your access token or API key. It is readable only by your user account (file permissions 600).

{
  "access_token": "ve_sk_abc123...",
  "email": "jack@example.com",
  "team_id": "team_xyz"
}

Running ve auth logout deletes this file entirely.

Authentication Priority

When multiple credential sources exist, the CLI uses them in this order:

  1. --api-key command-line flag (highest priority)
  2. Stored credentials from ve auth login
  3. VE_API_KEY environment variable (lowest priority)

This allows you to override stored credentials on a per-command basis without logging out.

CLI Overview

Install and use the Vibengine command-line interface

Sandbox Commands

Manage sandboxes from the command line

On this page

CLI AuthenticationLoginLogin with an API KeyLogoutCheck Current IdentityUsing Environment VariablesCredential StorageAuthentication Priority