Skip to content

login#

Authenticate with a Posit Connect server using OAuth 2.1. This opens a browser for interactive login (or uses --use-device-code for headless environments). Tokens are stored in the system keyring when available, with fallback to the local credential store.

Alternatively, pass --identity-token (or --identity-token-file) with an OIDC identity token, such as a GitHub Actions OIDC token, to exchange it for a short-lived Connect API key without interactive login. The resulting API key is saved as the server credential.

Usage:

login [OPTIONS] SERVER

Options:

  -s, --server TEXT           The URL of the Posit Connect server.
  -n, --name TEXT             Nickname for the server (defaults to server
                              hostname).
  -i, --insecure              Disable TLS certificate verification.
  -c, --cacert FILE           Path to a trusted CA certificate file for TLS.
  --identity-token TEXT       An OIDC identity token to exchange for a Connect
                              API key (RFC 8693), instead of interactive OAuth
                              login. Use '-' to read the token from stdin. May
                              also be set via the CONNECT_IDENTITY_TOKEN
                              environment variable.
  --identity-token-file FILE  Path to a file containing an OIDC identity token
                              to exchange for a Connect API key. May also be
                              set via the CONNECT_IDENTITY_TOKEN_FILE
                              environment variable. Prefer this over
                              --identity-token to avoid exposing the token in
                              process arguments or CI/CD logs.
  --use-device-code           Use device code flow for headless/non-
                              interactive environments.
  --client-id TEXT            OAuth client ID (skips Dynamic Client
                              Registration).
  --no-set-default            Do not mark this server as the default after
                              login.
  -v, --verbose               Enable verbose output. Use -vv for very verbose
                              (debug) output.
  --help                      Show this message and exit.