Skip to main content
The Ravion CLI authenticates with your Ravion account and stores credentials locally for subsequent commands.

Sign in

Sign in with:
By default, login uses the device-authorization flow. The CLI prints a URL and a short code, and you approve the sign-in from any browser, including a browser on another device. This works on headless hosts.

Check your identity

Confirm who you are signed in as:
Add --json to get machine-readable output.

Select an organization

If you belong to more than one organization, choose the active one:
This walks through your organizations and persists the selection. Pass --org <id-or-name> to skip the interactive picker. Switching organization clears the active workspace, so ravion terraform asks you to pick a workspace again.

Sign out

Clear locally stored credentials:

Credential storage

Credentials are stored under your config directory:

Service accounts and API keys

For automation that should not depend on a person’s session, use a service account API key instead of an interactive login. See ravion service-account and ravion api-key.

Non-interactive authentication

Set a credential in the environment to authenticate without ravion login. When one of these variables is set, the CLI uses it instead of the stored credentials and skips the device-authorization flow. An API key is scoped to its organization, so you don’t run ravion switch when you use RAVION_API_KEY. This is the recommended way to authenticate in CI. See CI integration.

Next steps

Command reference

Browse every CLI command.

Terraform credentials

Run Terraform with Ravion-managed credentials.