Authentication

Before using the CLI to interact with the Kubiya Agentic Platform, you need to authenticate. The CLI offers multiple authentication methods to suit different usage scenarios.

Authentication Methods

kubiya auth login

This will either open a browser window for SSO authentication or prompt you for your API key.

Follow the authentication flow

If using browser-based authentication, complete the login process in your browser.

kubiya auth status

You should see confirmation that you're successfully logged in.

The interactive login stores credentials securely in your local config file for subsequent commands.

Authentication Management

Additional Authentication Commands

# Check current authentication status
kubiya auth status
 
# Log out and remove stored credentials
kubiya auth logout
 
# Regenerate API key (requires existing valid authentication)
kubiya auth regenerate-key
 
# Switch between different Kubiya instances
kubiya config set api-url https://custom-instance.kubiya.ai/v1

Security Best Practices

Store API keys securely using environment variables or secure secret managers
Use scoped API keys with the minimal permissions needed for your use case
Regularly rotate API keys, especially for shared or automated systems
Use SSO authentication where available for enhanced security
Avoid storing API keys in code repositories or unencrypted files

Troubleshooting

If you encounter authentication issues:

Verify your API key is valid and has not expired
Check that you're connecting to the correct Kubiya instance URL
Ensure network connectivity to the Kubiya API endpoint
Check for any firewalls or proxy settings that might block connections
Run kubiya --debug auth status for detailed diagnostic information

Authentication

Additional Authentication Commands

On this page