Log in
Sign in to the CLI with GitHub or Google, or use an API key for headless hosts.
artifacts login
The CLI opens your default browser at https://user.tonbo.dev/login, you sign
in, and the browser hands a short-lived authorization back to the CLI
on a local callback. Subsequent commands read the saved credentials at
~/.config/tonbo/artifacts/credentials.json (mode
0600); you don't need to re-authenticate per shell.
Verify
artifacts workspace list
# {"workspaces":[]} on a fresh login
Headless hosts (no browser)
Some environments can't receive a loopback browser callback, a Fly machine shell, a CI runner, a container with no display. Two options:
- Use manual-code login for an interactive remote shell
Manual-code mode still uses the normal OAuth flow, but the browser shows a short one-time code that you paste back into the terminal.
artifacts login --manual-code - Use an API key for fully non-interactive hosts
API keys come from your User Center account, not the CLI. Mint a
tbo_*key in the dashboard, then export it on the headless host. Both the CLI and the SDK auto-detect it, so noartifacts loginstep is needed:export TONBO_API_KEY=tbo_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx artifacts mount my-workspace /mnt/workSee API keys for the full pattern.
Logout
artifacts logout
Removes
~/.config/tonbo/artifacts/credentials.json. Doesn't
touch the BYO credentials cache (separate file at
~/.config/tonbo/artifacts/byo-credentials); use
artifacts storage clear for that.