> ## Documentation Index
> Fetch the complete documentation index at: https://docs.vast.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# CLI Authentication

Every request to the Vast.ai API requires an API key. The CLI stores your key locally and includes it automatically in every command. This page covers how to set up, verify, and manage API keys through the CLI.

## Set Your API Key

After creating a key from the [Keys page](https://cloud.vast.ai/manage-keys/), store it locally:

```bash theme={null}
vastai set api-key YOUR_API_KEY
```

This writes the key to `~/.config/vastai/vast_api_key` (or `$XDG_CONFIG_HOME/vastai/vast_api_key` if that env var is set). All subsequent commands use it automatically.

## Environment Variable (CI/CD)

Instead of storing the key in a file, you can set it as an environment variable:

```bash theme={null}
export VAST_API_KEY="your_api_key_here"
```

This is recommended for CI pipelines, Docker containers, and scripts, it avoids writing keys to
disk and makes it easy to inject secrets via your platform's secret manager. The environment
variable takes precedence over the file if both are set.

<Note>
  If you previously used an older version of the CLI, your key may be at the legacy location
  `~/.vast_api_key`. The CLI migrates it automatically to `~/.config/vastai/vast_api_key` on next
  run, so no manual action is needed.
</Note>

## Verify Your Key

Confirm your key works by fetching your account info:

```bash theme={null}
vastai show user
```

A successful response includes your user ID, email, and balance:

```json theme={null}
{
  "id": 123456,
  "email": "you@example.com",
  "credit": 25.00,
  "ssh_key": "ssh-rsa AAAAB3..."
}
```

<Note>
  If you get an authentication error, double-check your API key. The most common causes are a typo, an expired key, or a scoped key that lacks the required permission for the command you're running.
</Note>

## Create an API Key

You can create new keys from the CLI:

```bash theme={null}
vastai create api-key --name "ci-deploy-key"
```

The output includes the new key value. Copy it immediately -- you will not be able to retrieve it again.

To create a key with restricted permissions, pass a JSON permissions file:

```bash theme={null}
vastai create api-key --name "ci-deploy-key" --permission_file perms.json
```

See the [Permissions](/cli/permissions) page for the full permissions file format and examples.

## View and Delete Keys

List all API keys on your account:

```bash theme={null}
vastai show api-keys
```

View a specific key's details by ID:

```bash theme={null}
vastai show api-key 42
```

Delete a key:

```bash theme={null}
vastai delete api-key 42
```

## Key Expiration

API keys do not expire by default. You can revoke a key at any time from the [Keys page](https://cloud.vast.ai/manage-keys/) or with `vastai delete api-key`.

<Warning>
  Treat your API key like a password. Do not commit keys to version control or share them in plaintext. If a key is compromised, revoke it immediately and create a new one.
</Warning>