Auth Commands

The cyberstrike auth commands manage authentication credentials for AI providers.

Login

Interactive Login

cyberstrike auth login

Displays provider selection menu:

? Select provider
❯ OpenRouter (free tier available)
  Anthropic (API key from console.anthropic.com)
  OpenAI (ChatGPT Plus/Pro or API key)
  Google (API key from ai.google.dev)
  Ollama (local models)
  Other

Provider-Specific Login

cyberstrike auth login anthropic
cyberstrike auth login openai
cyberstrike auth login google
cyberstrike auth login openrouter

With API Key

cyberstrike auth login anthropic --key sk-ant-api03-...

OAuth Login

For providers supporting OAuth:

cyberstrike auth login openai --oauth

Opens browser for authentication.

Logout

Single Provider

cyberstrike auth logout anthropic

All Providers

cyberstrike auth logout --all

Interactive Selection

cyberstrike auth logout

Displays list of authenticated providers.

Status

Check All Credentials

cyberstrike auth status

Output:

Authentication Status
━━━━━━━━━━━━━━━━━━━━━

Stored Credentials (~/.cyberstrike/auth.json):
  ✓ Anthropic (API key)
  ✓ OpenRouter (API key)
  ✗ OpenAI (not configured)

Environment Variables:
  ✓ ANTHROPIC_API_KEY
  ✗ OPENAI_API_KEY
  ✗ GOOGLE_API_KEY

Specific Provider

cyberstrike auth status anthropic

Output:

Anthropic Authentication
━━━━━━━━━━━━━━━━━━━━━━━━
Status: Authenticated
Method: API Key
Key: sk-ant-***...***
Expires: Never

Verify Credentials

cyberstrike auth verify

Tests all credentials against provider APIs.

List

List Stored Credentials

cyberstrike auth list

Output:

Stored Credentials
━━━━━━━━━━━━━━━━━━

Provider       Method    Added
───────────────────────────────
Anthropic      API Key   2025-01-15
OpenRouter     API Key   2025-01-10
Google         OAuth     2025-01-08

JSON Output

cyberstrike auth list --json

Refresh

Refresh OAuth Token

cyberstrike auth refresh openai

Refresh All OAuth Tokens

cyberstrike auth refresh --all

Switch

Switch Default Provider

cyberstrike auth switch anthropic

List Available Providers

cyberstrike auth switch

Interactive selection.

Credential Storage

Storage Location

Credentials are stored in:

~/.cyberstrike/auth.json

File Permissions

The auth file is created with restricted permissions:

ls -la ~/.cyberstrike/auth.json
# -rw------- 1 user user 256 Jan 15 10:00 auth.json

Encryption

Credentials are encrypted at rest using platform keychain when available:

• macOS: Keychain
• Linux: Secret Service / libsecret
• Windows: Credential Manager

Plain Text Storage

For systems without keychain:

cyberstrike auth login --no-keychain

Environment Variables

Override Stored Credentials

Environment variables take precedence:

export ANTHROPIC_API_KEY="sk-ant-..."
cyberstrike  # Uses environment variable

Supported Variables

Multiple Accounts

Add Second Account

cyberstrike auth login anthropic --alias work
cyberstrike auth login anthropic --alias personal

Use Specific Account

cyberstrike --auth-alias work

List Accounts

cyberstrike auth list --all

Troubleshooting

Invalid API Key

Error: Invalid API key for Anthropic

Verify:

• Key is correctly copied
• No extra whitespace
• Key is active in provider console

Expired Token

Error: OAuth token expired

Solution:

cyberstrike auth refresh openai

Permission Denied

Error: Cannot write to auth file

Check file permissions:

chmod 600 ~/.cyberstrike/auth.json

Keychain Access

Error: Cannot access system keychain

Solutions:

• Unlock keychain
• Use --no-keychain flag
• Use environment variables

Security Best Practices

1. Rotate keys - Regularly rotate API keys
2. Use environment variables - For CI/CD and automation
3. Limit key scope - Use restricted API keys when available
4. Monitor usage - Check provider dashboards for unusual activity
5. Secure storage - Ensure auth file has proper permissions

Related Documentation

• Authentication Guide - Full setup guide
• Providers - Provider configuration
• Configuration - Config options