Sign in and API keys

---

site: protos.rip

page: docs/guides/sign-in-and-api-keys

---

navigation

on this page

Sign in with your browser
Sign in with an API key
Create an API key in the dashboard
Revoke an API key
See also

# Sign in and API keys

```bash
buf registry login protos.rip  # sign in (browser flow creates a key)
buf registry whoami  # confirm the active identity
```

## Sign in with your browser

Run `buf registry login protos.rip` and approve the request in the browser tab that opens. (If the browser doesn’t launch, open the verification URL the CLI prints.) Once approved, your CLI is signed in — the key is stored in its credential file.

The key has scope `all orgs` and shows up in your [dashboard API-keys list](/dashboard/api-keys) for every org you belong to.

## Sign in with an API key

Use this when the machine has no browser — CI runners, headless servers. Create the key in the dashboard first, then with the key in an env var (e.g. `RIPR_KEY`), pipe it into the CLI:

```bash
echo $RIPR_KEY | buf registry login protos.rip --token-stdin
```

## Create an API key in the dashboard

Visit the [dashboard](/dashboard/api-keys). Enter a name (e.g. `ci-prod`) and click create.

Copy the full key before dismissing the dialog — protos.rip stores only the SHA-256 hash, so the key cannot be retrieved later. After dismissal only the prefix remains visible (e.g. `ripr_AbCd1234`).

## Revoke an API key

On the same dashboard page, click delete next to the key and confirm. Revocation is immediate — any subsequent CLI request using that key fails with an authentication error.

There is no rotate operation. Rotate by creating a new key, switching the CLI to it, then deleting the old one.

## See also

> [Create and publish a module](/docs/guides/create-and-publish-a-module)

← quickstart Create and publish a module →