Configure authentication for the Admin API. The Moose CLI uses a plain-text token from your local environment to authenticate against your production instance, which validates it using a stored hash.
| Key | Env Variable | Default | Description |
|---|---|---|---|
admin_api_key | MOOSE_AUTHENTICATION__ADMIN_API_KEY | - | Server-side. PBKDF2 hash of the admin token for validating requests. |
admin_token | MOOSE_ADMIN_TOKEN | - | Client-side. Plain-text token used by the CLI to authenticate against the Admin API. |
Store the PBKDF2 hash of the admin token on your production instance:
[authentication]# Optional hashed admin API key for auth (Default: None)# admin_api_key = "hashed_api_key"Or set it as an environment variable:
MOOSE_AUTHENTICATION__ADMIN_API_KEY=your_pbkdf2_hmac_sha256_hashed_keyThe admin_api_key stores a , not the plain-text token. It is safe to commit this hashed value to version control since the Bearer token cannot be derived from it.
Store the plain-text token in your local .env.local file. The CLI uses this token to authenticate API requests to your production Admin API:
MOOSE_ADMIN_TOKEN=your_plain_text_tokenThe admin_token contains a plain-text token and must never be committed to version control. Store it only in your git-ignored .env.local file.