From e22369ec4d773eac3a6ceab806a8750d976bc431 Mon Sep 17 00:00:00 2001 From: Piyush Gupta Date: Wed, 26 Nov 2025 18:17:35 +0530 Subject: [PATCH] fix: review comments --- docs/cli/commands/login.mdx | 72 ++++++++++++++++++------------------- docs/cli/usage.mdx | 20 +++++------ 2 files changed, 44 insertions(+), 48 deletions(-) diff --git a/docs/cli/commands/login.mdx b/docs/cli/commands/login.mdx index 1a0db9b4e6..a670c03aae 100644 --- a/docs/cli/commands/login.mdx +++ b/docs/cli/commands/login.mdx @@ -43,34 +43,29 @@ User authentication is designed for individual developers and supports multiple The User authentication method allows you to log in with your email and password. This method supports three different login flows: -- **Browser Login** (default): Opens a browser for authentication -- **Direct Login**: Provide credentials via flags or environment variables for CI/CD -- **Interactive CLI Login**: Enter credentials via CLI prompts using `--interactive` + - **Browser Login** (default): Opens a browser for authentication + - **Direct Login**: Provide credentials via flags or environment variables for CI/CD + - **Interactive CLI Login**: Enter credentials via CLI prompts using `--interactive` -{" "} - - - - - Your email address. Required for direct login along with `--password` and - `--organization-id`. - - - Your password. Required for direct login along with `--email` and - `--organization-id`. - - - Your organization id. Required for direct login along with `--password` - and `--email`. - - - Force interactive CLI login instead of browser-based authentication. - - - Output only the JWT token (useful for scripting and CI/CD). - - - + + + + Your email address. Required for direct login along with `--password` and `--organization-id`. + + + Your password. Required for direct login along with `--email` and `--organization-id`. + + + Your organization id. Required for direct login along with `--password` and `--email`. + + + Force interactive CLI login instead of browser-based authentication. + + + Output only the JWT token (useful for scripting and CI/CD). + + + @@ -297,7 +292,6 @@ Machine identity authentication methods are designed for automated systems, serv ``` - @@ -323,7 +317,6 @@ Machine identity authentication methods are designed for automated systems, serv ``` - @@ -511,18 +504,21 @@ The login command supports a number of flags that you can use for different auth ```bash - infisical login --domain= [other-flags] + infisical login --domain= ``` #### Description - Specifies the Infisical API URL for non-US instances (EU Cloud or self-hosted instances). This flag is required when connecting to any instance other than the US Cloud. + Specifies the Infisical API URL for non-US Cloud instances. This flag is required when connecting to any instance other than US Cloud (e.g. EU Cloud or self-hosted). ```bash # Example for EU Cloud - infisical login --domain="https://eu.infisical.com" --jwt= --machine-identity-id= + infisical login --domain="https://eu.infisical.com" + + # Example for localhost + infisical login --domain="http://localhost:8080" # Example for self-hosted - infisical login --domain="https://your-self-hosted-infisical.com/api" --email user@example.com --password "password" + infisical login --domain="https://your-self-hosted-infisical.com" ``` @@ -558,11 +554,11 @@ The following examples demonstrate different ways to authenticate as a user with # Basic direct login (defaults to US Cloud) infisical login --email user@example.com --password "your-password" --organization-id "your-organization-id" - # EU Cloud + # Basic direct login (EU Cloud) infisical login --domain https://eu.infisical.com --email user@example.com --password "your-password" --organization-id "your-organization-id" - # Self-hosted instance - infisical login --domain https://your-self-hosted-infisical.com/api --email user@example.com --password "your-password" --organization-id "your-organization-id" + # Basic direct login (Self-hosted Instance) + infisical login --domain https://your-self-hosted-infisical.com --email user@example.com --password "your-password" --organization-id "your-organization-id" # Output only JWT token for scripting export INFISICAL_TOKEN=$(infisical login --email user@example.com --password "your-password" --organization-id "your-organization-id" --plain --silent) @@ -584,7 +580,7 @@ The following examples demonstrate different ways to authenticate as a user with ``` - **For non-US instances:** If you're using EU Cloud, or a self-hosted instance, you must set `INFISICAL_API_URL` before login, or use `--domain` on all commands. Refer to the [Domain Configuration](/cli/usage#domain-configuration) section for more details. + **For non-US Cloud instances:** If you're using EU Cloud or a self-hosted instance, you must set `INFISICAL_API_URL` before login or use `--domain` on all commands. Refer to the [Domain Configuration](/cli/usage#domain-configuration) section for more details. @@ -622,7 +618,7 @@ In this example we'll be using the `universal-auth` method to login to obtain an ``` - **For non-US instances:** If you're using EU Cloud, or a self-hosted instance, you must set `INFISICAL_API_URL` before login, or use `--domain` on all commands. Refer to the [Domain Configuration](/cli/usage#domain-configuration) section for more details. + **For non-US Cloud instances:** If you're using EU Cloud or a self-hosted instance, you must set `INFISICAL_API_URL` before login or use `--domain` on all commands. Refer to the [Domain Configuration](/cli/usage#domain-configuration) section for more details. Now that we've set the `INFISICAL_TOKEN` environment variable, we can use the CLI to interact with Infisical. The CLI will automatically check for the presence of the `INFISICAL_TOKEN` environment variable and use it for authentication. diff --git a/docs/cli/usage.mdx b/docs/cli/usage.mdx index c91ac57368..e158539db8 100644 --- a/docs/cli/usage.mdx +++ b/docs/cli/usage.mdx @@ -127,7 +127,7 @@ The CLI is designed for a variety of secret management applications ranging from Starting with CLI version v0.4.0, you can now choose to log in via Infisical Cloud (US/EU) or your own self-hosted instance by simply running `infisical login` and following the on-screen instructions — no need to manually set the `INFISICAL_API_URL` environment variable. -For versions prior to v0.4.0, the CLI defaults to the US Cloud. To connect to the EU Cloud or a self-hosted instance, set the `INFISICAL_API_URL` environment variable to `https://eu.infisical.com` or your custom URL. +For versions prior to v0.4.0, the CLI defaults to US Cloud. To connect to EU Cloud or a self-hosted instance, set the `INFISICAL_API_URL` environment variable to `https://eu.infisical.com` or your custom URL. @@ -136,7 +136,7 @@ For versions prior to v0.4.0, the CLI defaults to the US Cloud. To connect to th **Important:** If you're not using interactive login, you must configure the domain for **all CLI commands**. -The CLI defaults to the US Cloud (https://app.infisical.com). To connect to the **EU Cloud (https://eu.infisical.com)** or a **self-hosted instance**, you can configure the domain in one of the following ways: +The CLI defaults to US Cloud (https://app.infisical.com). To connect to **EU Cloud (https://eu.infisical.com)** or a **self-hosted instance**, you MUST configure the domain in one of the following ways: - Use the `INFISICAL_API_URL` environment variable - Use the `--domain` flag on every command @@ -175,7 +175,7 @@ The CLI defaults to the US Cloud (https://app.infisical.com). To connect to the infisical login --domain="https://your-domain.infisical.com" --method=universal-auth --client-id= --client-secret= --silent --plain # All subsequent commands must also include --domain - infisical secrets --domain="https://your-domain.infisical.com" --projectId --env dev + infisical secrets --domain="https://your-domain.infisical.com" --projectId= --env=dev ``` @@ -242,12 +242,12 @@ For security and privacy concerns, we recommend you to configure your terminal t ## FAQ - - Yes. The CLI is set to connect to Infisical US Cloud by default, but if you're using the EU Cloud, a self-hosted instance, you need to configure the domain for **all CLI commands**. + + Yes. The CLI is set to connect to Infisical US Cloud by default, but if you're using EU Cloud or a self-hosted instance you can to configure the domain for **all CLI commands**. - #### Method 1:Use the updated CLI (v0.4.0+) + #### Method 1: Use the updated CLI (v0.4.0+) - Beginning with CLI version V0.4.0, you can choose between logging in through the Infisical US Cloud, EU Cloud, or your own self-hosted instance. Simply execute the `infisical login` command and follow the on-screen instructions. + Beginning with CLI version V0.4.0, you can choose between logging in through Infisical US Cloud, EU Cloud, or your own self-hosted instance. Simply execute the `infisical login` command and follow the on-screen instructions. #### Method 2: Export environment variable @@ -287,15 +287,15 @@ For security and privacy concerns, we recommend you to configure your terminal t #### Method 3: Set manually on every command - If you prefer not to set the environment variable, you must include the `--domain` flag on **every CLI command** you run: + If you prefer not to use an environment variable, you must include the `--domain` flag on **every CLI command** you run: ```bash # Login with domain infisical login --domain="https://your-domain.infisical.com" --method=oidc-auth --jwt $JWT # All subsequent commands must also include --domain - infisical secrets --domain="https://your-self-hosted-infisical.com/api" --projectId --env dev - infisical export --domain="https://your-self-hosted-infisical.com/api" --format=dotenv-export + infisical secrets --domain="https://your-self-hosted-infisical.com" --projectId --env dev + infisical export --domain="https://your-self-hosted-infisical.com" --format=dotenv-export ```