SecurityToken Handling

Token Handling

Treat personal API tokens like deploy keys.

  • Store tokens in CI secrets or a password manager.
  • Never commit tokens to git.
  • For local CLI and AI-agent workflows, save the token once with auth login.
  • Prefer short-lived local shell variables for one-off commands.
  • Revoke tokens that are no longer tied to an active user or workflow.
npx @internalpage/cli auth login
npx @internalpage/cli pages create ./report.html

For non-interactive setup, pass the token on stdin.

printf '%s' "$IP_TOKEN" | npx @internalpage/cli auth login --token-stdin