Authentication
The ByCloud CLI supports multiple authentication methods for different use cases.
Interactive Login
The easiest way to authenticate is using interactive login, which opens your browser:
bycloud auth loginThis will open your browser to authenticate and store the credentials locally.
API Key Authentication
For automation and CI/CD, use an API key. First, create a service account and API key in the console, then configure:
Set API key in config:
bycloud config set api_key ACCESS_KEY_ID:SECRET_ACCESS_KEYOr use environment variable:
export BYCLOUD_API_KEY="ACCESS_KEY_ID:SECRET_ACCESS_KEY"Service Account (CI/CD)
For CI/CD pipelines, create a service account with the required permissions:
1. Create service account:
bycloud iam service-accounts create --name "CI/CD Pipeline"2. Assign roles:
bycloud iam service-accounts assign-role --id sa-123 --role compute-admin3. Generate API key:
bycloud iam api-keys create --service-account-id sa-123Check Authentication Status
Verify your authentication status:
bycloud auth statusLogout
Remove stored credentials:
bycloud auth logoutCredential Precedence
The CLI checks for credentials in this order:
1. Command-line flags (--api-key)
2. Environment variables (BYCLOUD_API_KEY)
3. Profile configuration (~/.config/bycloud/config.yaml)
4. Cached OAuth token from interactive login