> ## Documentation Index
> Fetch the complete documentation index at: https://docs.groniz.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Set up OAuth2 or API key authentication for the Groniz CLI

## OAuth2 (Recommended)

Authenticate using the device flow — no client ID or secret needed:

```bash theme={null}
groniz auth:login
```

This will:

1. Display a one-time code in your terminal
2. Open your browser to authorize
3. Automatically save credentials to `~/.groniz/credentials.json`

### Auth Commands

```bash theme={null}
# Check current auth status (verifies credentials are still valid)
groniz auth:status

# Remove stored credentials
groniz auth:logout
```

## API Key

Alternatively, set your Groniz API key as an environment variable:

```bash theme={null}
export GRONIZ_API_KEY=your_api_key_here
```

You can get your API key from the Groniz Settings page.

<Note>
  OAuth2 credentials take priority over the API key when both are present.
</Note>

## Environment Variables

| Variable             | Required | Default                  | Description           |
| -------------------- | -------- | ------------------------ | --------------------- |
| `GRONIZ_API_KEY`     | No\*     | -                        | Your Groniz API key   |
| `GRONIZ_API_URL`     | No       | `https://api.groniz.com` | API endpoint override |
| `GRONIZ_AUTH_SERVER` | No       | `https://api.groniz.com` | Auth server override  |

\*Either OAuth2 (via `groniz auth:login`) or `GRONIZ_API_KEY` is required.
