Skip to content

Add device login and account management commands#71

Merged
yorkeccak merged 6 commits into
mainfrom
feature/account-api
Jun 30, 2026
Merged

Add device login and account management commands#71
yorkeccak merged 6 commits into
mainfrom
feature/account-api

Conversation

@yorkeccak

@yorkeccak yorkeccak commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

What

Adds account self-service to the CLI against the public Valyu API (api.valyu.ai/v1/account/*).

Auth

  • valyu login now defaults to a browser-based device login (RFC 8628): prints a short user_code, opens the browser for one-click approval, and stores the resulting key — no key pasting. --key is preserved for manual/CI use; --device / --no-browser flags added. In --json/non-TTY mode it emits line-delimited events (device_code / auth_waiting / auth_success) so it can be driven headlessly.
  • valyu logout best-effort revokes the key server-side before clearing local credentials.

New valyu account group

whoami · keys list|create|revoke|rotate · balance · topup <amount> · usage · datasets. All --json-capable, human-pretty by default. Errors surface a machine-readable code + hint.

Budget-capped keys

valyu keys create --cap 5 --name my-agent --scopes inference

Creates a key with a hard spend cap, ideal for handing to an autonomous agent. The secret is shown once.

Files

  • src/lib/account-client.ts — client for the account endpoints (ACCOUNT_API_BASE, override via VALYU_ACCOUNT_API_BASE)
  • src/commands/account.ts, src/commands/auth/{login,logout}.ts, src/cli.ts
  • src/lib/config.ts — profiles optionally store the key id (backward compatible)
  • skill docs; version → 1.2.0

Verification

tsc --noEmit clean, npm run build succeeds, all 45 existing tests pass.

@yorkeccak yorkeccak force-pushed the feature/account-api branch from 32f1f87 to b42f331 Compare June 25, 2026 18:30
@yorkeccak yorkeccak changed the title Device-OAuth login + valyu account commands (budget-capped agent keys) Add device login and account management commands Jun 25, 2026
`valyu login` now defaults to the RFC 8628 device flow (browser approval, no
key pasting); `--key` is preserved for manual/CI. On success it stores the
minted val_ key and its id, and emits line-delimited JSON events
(device_code/auth_waiting/auth_success) so agents can drive it headlessly.
`valyu logout` best-effort revokes the key server-side.

New `valyu account` group against api.valyu.ai/v1/account/*:
whoami, keys list|create|revoke|rotate, balance, topup, usage, datasets.
`keys create --cap <usd>` is the budget-capped agent-key flow: mint a key that
cannot spend past the cap, hand it to an autonomous agent. Errors surface the
RFC 9457 machine code + hint.

- src/lib/account-client.ts: AccountClient + ACCOUNT_API_BASE (VALYU_ACCOUNT_API_BASE override)
- src/commands/account.ts, src/commands/auth/{login,logout}.ts, src/cli.ts
- src/lib/config.ts: profiles optionally store valyu_key_id (backward compatible)
- skill docs updated; version 1.2.0
@yorkeccak yorkeccak force-pushed the feature/account-api branch from b42f331 to 4aaef58 Compare June 26, 2026 08:13
Per-key dataset scoping and tier ceilings were removed from the Account API; a
key is bounded by budget cap + scopes + expiry. Drop the flags, the createKey
options, and the key_scoped_datasets response field/display.
DEFAULT_DEVICE_SCOPE is management-only (account:read keys:read keys:write
billing:read). keys create with no --scopes mints a search-only agent key; help
text + skill docs updated to reflect that search/data access is automatic.
…op usage

- logout now just removes local credentials by default (like gh/aws/docker);
  new --revoke flag also kills the key server-side (replaces --no-revoke)
- topup handles both outcomes: '+ Added $N (charged your card on file)' when charged,
  or the checkout link when no card is on file
- remove the 'usage' subcommand + client method/types
…voke surfacing

- topup: optional --idempotency-key for safe retries; --yes flag + interactive
  confirm for top-ups above $100 (agents/non-TTY still auto-charge).
- rotate: send the required Idempotency-Key (was 400ing every rotation).
- logout --revoke: surface the revoke outcome (warning + structured field)
  instead of swallowing failures under a success message.
writeFileSync mode only applies on create, so a pre-existing looser-permissioned
credentials file kept its bits. chmod 0600 (and 0700 on the dir) on every write.
@yorkeccak yorkeccak merged commit ab976d8 into main Jun 30, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant