Overview
Lua CLI requires authentication to access the platform and deploy skills. Authentication is done via API key stored securely in your system keychain.Commands
configure
Set up authentication
key
Display stored key
logout
Remove credentials
lua auth configure
Set up API key authentication.Authentication Methods
- Email (Recommended)
- API Key
Email OTP AuthenticationFeatures:
- Choose “Email” when prompted
- Enter your email address
- Check email for 6-digit code
- Enter the OTP code
- API key automatically generated and saved
- No existing account needed
- Automatic key generation
- Most secure method
- No manual key management
Where Credentials are Stored
Credentials are stored securely in your system keychain:- macOS
- Windows
- Linux
KeychainStored in macOS Keychain with encryptionView in Keychain Access app:
- Service:
lua-cli - Account: Your email or user ID
lua auth key
Display your stored API key.Security Confirmation
For security, you must confirm before displaying the key:Only displays key after explicit confirmation to prevent accidental exposure.
Use Cases
- Copying to another machine: Get key to set up elsewhere
- CI/CD configuration: Copy key for automated deployments
- Verification: Confirm which key is currently configured
- Sharing with team: Share key with team members (use with caution)
lua auth logout
Delete stored API key from your system.Confirmation Required
What Happens
1
Key Removed
API key deleted from system keychain
2
CLI Access Lost
You’ll need to run
lua auth configure to use CLI again3
Key Still Valid
The key is NOT invalidated on the server - it just removes local copy
After logout, the key still works if used elsewhere. To fully revoke access, regenerate a new key.
Troubleshooting
No API key found
No API key found
Error:
❌ No API key found. Run lua auth configure first.Solution: Run lua auth configure to set up authenticationOTP not received
OTP not received
Problem: Didn’t receive OTP emailSolutions:
- Check spam/junk folder
- Wait a few minutes (can take up to 5 min)
- Try again with
lua auth configure - Use API Key method instead
Invalid OTP
Invalid OTP
Error:
❌ Invalid OTP codeSolutions:- Double-check the code from email
- OTP expires after 10 minutes
- You have 3 attempts
- Request new OTP by running command again
API key validation failed
API key validation failed
Error:
❌ API key validation failedSolutions:- Verify you copied the complete key
- Check key hasn’t been revoked
- Ensure no extra spaces
- Generate new key via email method
Keychain access denied (macOS)
Keychain access denied (macOS)
Error: Permission denied accessing keychainSolution: Grant Terminal access to keychain:
- System Preferences → Security & Privacy
- Privacy → Automation
- Enable Terminal for Keychain Access
libsecret not found (Linux)
libsecret not found (Linux)
Error:
libsecret not installedSolution: Install libsecret:Best Practices
Use Email Authentication
Use Email Authentication
Recommended for individual developers:
- Automatic key management
- More secure than manual keys
- Easy to set up
- No key to remember
Keep Keys Private
Keep Keys Private
Never share or expose your API key:
- Don’t commit to git
- Don’t share in chat/email
- Don’t log in console
- Use logout when done on shared machines
Use Separate Keys for CI/CD
Use Separate Keys for CI/CD
For automated deployments:
- Generate dedicated CI/CD key
- Store as environment variable
- Rotate regularly
- Revoke when no longer needed
Logout on Shared Machines
Logout on Shared Machines
CI/CD Configuration
For automated deployments:- GitHub Actions
- GitLab CI
- Environment Variable
LUA_API_KEY to GitHub Secrets