Authentication

Authentication Methods

ellygent auth login

export ELLYGENT_PAT='elly_pat_xxxxxxxxxxxxxxxxxxxxx'
ellygent auth login --api-url https://api.ellygent.com

Email & Password Authentication

Interactive Login

The simplest method for local development:

ellygent login

You'll be prompted for API URL, email, and password. Credentials are validated and tokens are stored securely in your config directory.

Non-Interactive Login

For scripted workflows, set password via environment variable:

ELLYGENT_PASSWORD='...' ellygent auth login --api-url https://api.example.com --email dev@example.com

Personal Access Token (PAT) Authentication

PATs are the recommended method for automation, CI/CD pipelines, and long-term CLI access. They're more secure than passwords and can be revoked independently.

Step 1: Generate a PAT

1. Log in to Ellygent web interface

2. Navigate to Account → Personal Access Tokens

3. Click "Create New Token"

4. Give it a descriptive name (e.g., "CLI", "Local Dev", "CI Pipeline")

5. Copy the token (starts with elly_pat_)

Step 2: Authenticate with PAT

Option 1: Environment Variable (Recommended)

Set ELLYGENT_PAT in your shell environment:

export ELLYGENT_PAT='elly_pat_xxxxxxxxxxxxxxxxxxxxx'
ellygent auth login --api-url https://api.ellygent.com

Option 2: .env File

Create a .env file in your project directory:

ELLYGENT_PAT=elly_pat_xxxxxxxxxxxxxxxxxxxxx
ELLYGENT_API_URL=https://api.ellygent.com

Then login:

ellygent auth login --api-url $ELLYGENT_API_URL

Option 3: Direct Flag (Not Recommended)

Pass the PAT directly as a command-line flag:

ellygent auth login --api-url https://api.ellygent.com --pat elly_pat_xxxxxxxxxxxxxxxxxxxxx

Config Storage

After successful authentication, the CLI stores tokens and configuration in your user config directory:

• Linux/macOS: ~/.ellygent/config.json or $XDG_CONFIG_HOME/ellygent/config.json

• Windows: %APPDATA%\Ellygent\config.json

The config file is protected with file mode 0600 (owner read/write only).

View Current Config

ellygent config

Environment Variables

Override config file settings with environment variables. Useful for CI/CD and temporary overrides.

Priority Order

When multiple configuration sources exist, the CLI uses this precedence (highest to lowest):

1. Command-line flags (--org, --project, etc.)

2. Environment variables (ELLYGENT_*)

3. Config file (~/.ellygent/config.json)

4. Built-in defaults

CI/CD Best Practices

GitHub Actions Example

name: Download Engineering Context

on: [push]

jobs:
  sync-context:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: '18'
      
      - name: Install Ellygent CLI
        run: npm install -g @ellygent/cli
      
      - name: Authenticate with PAT
        env:
          ELLYGENT_PAT: ${{ secrets.ELLYGENT_PAT }}
        run: ellygent auth login --api-url https://api.ellygent.com
      
      - name: Download context
        run: |
          ellygent context pull \
            --project safety-system \
            --version v2.1 \
            --format json

GitLab CI Example

sync-context:
  image: node:18
  script:
    - npm install -g @ellygent/cli
    - ellygent auth login --api-url https://api.ellygent.com
    - ellygent context pull --project safety-system --version v2.1
  variables:
    ELLYGENT_PAT: ${ELLYGENT_PAT}

Security Checklist

• ✅ Store PATs in secret management (GitHub Secrets, GitLab CI/CD variables, etc.)

• ✅ Never commit PATs or tokens to version control

• ✅ Use PATs instead of email/password in CI/CD

• ✅ Rotate PATs regularly

• ✅ Revoke unused PATs immediately

• ✅ Add .env to .gitignore