Authentication
The apimetrics CLI authenticates with OAuth 2.0. There is no API key environment variable and no api configure command — sign in with login. Most commands auto-trigger login when they need credentials, so running login explicitly is rarely required.
login
Log in to APImetrics. The default interactive flow uses the OAuth 2.0 authorization-code flow with PKCE (code_challenge_method=S256) and opens your browser to complete sign-in.
apimetrics login
# Sign in interactively (browser-based, auth-code + PKCE)
apimetrics login
logout
Remove the cached login credentials and the active project, forcing re-authentication on the next request.
apimetrics logout
apimetrics logout
OAuth 2.0 flows
The CLI supports two OAuth 2.0 grant types:
| Flow | When to use |
|---|---|
Authorization code + PKCE (S256) | Default for interactive/human login. Opens a browser. |
| Client credentials | Machine-to-machine / unattended automation (CI, agents) with no browser. |
The interactive login command uses authorization-code + PKCE against the binary's configured authorization server. For client-credentials, configure the credentials in a profile and the CLI uses that grant automatically.
Named profiles
Use the global -p/--rsh-profile flag to keep separate credential sets (for example, interactive vs. machine-to-machine, or staging vs. production). The default profile is named default.
# Use a profile named "ci" (e.g. configured for client-credentials)
apimetrics list-monitors -p ci -o json
See Global flags for the full --rsh-* flag list.
See also
- Project — select a project after signing in
- CLI overview — config directory and endpoints