Skip to content

auth login: allow user-scoped API key without --oid #289

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
maximelb merged 1 commit into from
May 7, 2026
Merged

auth login: allow user-scoped API key without --oid #289

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 28 additions & 12 deletions limacharlie/commands/auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,18 +129,34 @@ def login(ctx: click.Context, oid: str | None, api_key: str | None, environment:

if oauth:
_login_oauth(ctx, oid, env_name, provider, no_browser)
else:
if not oid or not api_key:
click.echo(
"Error: --oid and --api-key are required for API key login.\n"
"Suggestion: Use --oauth for browser-based OAuth login, or provide both --oid and --api-key.",
err=True,
)
ctx.exit(4)
return
write_credentials(env_name, oid=oid, api_key=api_key, uid=uid or "")
if not ctx.obj.quiet:
click.echo(f"Credentials saved for environment '{env_name}'.")
return

# API key login. Two valid shapes:
# 1. --oid + --api-key — org-scoped key (and optional --uid for service accounts).
# 2. --uid + --api-key (oid optional) — user-scoped key on a brand-new account with no orgs yet.
if not api_key:
click.echo(
"Error: --api-key is required for API key login.\n"
"Suggestion: Use --oauth for browser-based OAuth login, or provide --api-key with "
"either --oid (org-scoped key) or --uid (user-scoped key).",
err=True,
)
ctx.exit(4)
return

if not oid and not uid:
click.echo(
"Error: provide either --oid (org-scoped key) or --uid (user-scoped key) along with --api-key.\n"
"Suggestion: --uid is correct for User API Keys generated under your account profile; "
"--oid is correct for Organization API Keys generated under an org's settings.",
err=True,
)
ctx.exit(4)
return

write_credentials(env_name, oid=oid, api_key=api_key, uid=uid or "")
if not ctx.obj.quiet:
click.echo(f"Credentials saved for environment '{env_name}'.")


def _login_oauth(ctx: click.Context, oid: str | None, env_name: str, provider: str, no_browser: bool) -> None:
Expand Down