> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pipecat.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# auth

> Authentication and authorization commands

The `auth` command group manages authentication with Pipecat Cloud, allowing you to login, logout, and check your current account identity.

## login

Begins an authorization flow to authenticate with Pipecat Cloud.

**Usage:**

```shell theme={null}
pipecat cloud auth login [OPTIONS]
```

**Options:**

<ParamField path="--headless / -h" type="boolean" default="false">
  Skip opening a browser window for authentication and print the URL instead.
  Useful for remote or containerized environments.
</ParamField>

This command initiates the authentication process by:

1. Generating a unique authentication URL
2. Opening your default web browser (if available)
3. Waiting for you to complete the sign-in process in the browser
4. Retrieving and storing your access token locally

If the browser doesn't open automatically, or if you use the `--headless` option, you can copy and paste the displayed URL into your browser manually.

On successful login, the CLI will store the access token in the local configuration file (defaults to `~/.config/pipecatcloud/pipecatcloud.toml`). This token will be used for all subsequent requests to the Pipecat Cloud API.

You can override the default location by setting the `PIPECAT_CONFIG_PATH` environment variable.

## logout

Signs out of the current Pipecat Cloud account by removing the access token from your local configuration file.

**Usage:**

```shell theme={null}
pipecat cloud auth logout
```

## use-pat

Authenticates with a [Personal Access Token](/pipecat-cloud/guides/personal-access-tokens) instead of interactive OAuth login. Validates the token against the API and stores it in your local config file.

**Usage:**

```shell theme={null}
pipecat cloud auth use-pat <token>
```

**Arguments:**

<ParamField path="token" type="string" required>
  Personal Access Token (must start with `pcc_pat_`).
</ParamField>

<Tip>
  You can also set the `PIPECAT_TOKEN` environment variable instead of storing
  the token locally. See the [PAT guide](/pipecat-cloud/guides/personal-access-tokens)
  for details.
</Tip>

## whoami

Displays information about the currently authenticated user, including user ID, active organization, auth method, and Daily API key.

**Usage:**

```shell theme={null}
pipecat cloud auth whoami
```

## Configuration

CLI configuration is stored in `~/.config/pipecatcloud/pipecatcloud.toml`. You can override this location by setting the `PIPECAT_CONFIG_PATH` environment variable.

The configuration stores your access token, active organization, and default API keys.

**View current configuration:**

```shell theme={null}
pipecat cloud --show-cli-config
```

<Accordion title="Example configuration file">
  <Warning>We do not recommend manually editing the configuration file. If the file becomes malformed, run `pipecat cloud auth login` to regenerate it.</Warning>

  ```toml theme={null}
    token = "..."
    org = "user-namespace"

    [another-user-org]
    default_public_key = "pk_..."
    default_public_key_name = "Test Key"

    [futher-user-org]
    default_public_key = "pk_..."
    default_public_key_name = "Pipecat Cloud Public Key"
  ```
</Accordion>

***

<Card title="More about user accounts" icon="people-group" href="/pipecat-cloud/fundamentals/accounts-and-organizations">
  Managing your account and collaborating on agents as part of a team
</Card>