apkg login

The login command authenticates you with the APKG registry. Credentials are stored in ~/.apkg/credentials.json and used automatically by commands that require authentication, such as publish, token, and key.

Synopsis

apkg login [--registry <URL>]

The command prompts interactively for your username and password. If your account has multi-factor authentication (MFA) enabled, you will also be prompted for a TOTP code or recovery code.

Options

Option	Description
`--registry <URL>`	Override the registry URL for this login session

The --registry flag is a global option available to all commands. When provided, it takes precedence over the APKG_REGISTRY environment variable and any value set via apkg config set registry.

Authentication flow

Username — enter your APKG account username.
Password — enter your password (input is masked).
MFA — if MFA is enabled on your account, enter a TOTP code from your authenticator app or a recovery code.

On success the CLI prints Logged in as <username> and stores an access token and refresh token locally.

Credential storage

Credentials are saved to ~/.apkg/credentials.json with the following structure:

{
  "registry": "https://api.apkg.ai",
  "accessToken": "tok_abc123…",
  "refreshToken": "rt_def456…",
  "username": "your-username"
}

Each credential set is scoped to a registry URL. The registry is resolved in this order:

--registry flag (if provided)
APKG_REGISTRY environment variable
Value set via apkg config set registry
Default: https://api.apkg.ai

Examples

apkg login

apkg login --registry https://registry.internal.example.com

Verify who you are authenticated as after logging in:

apkg whoami

Command	Description
`logout`	Remove stored credentials
`whoami`	Show the authenticated user
`config`	Manage CLI configuration
`token`	Manage long-lived API tokens