`lumio login`

Authenticate with your Lumio account. Credentials are stored in ~/.lumio/credentials and reused automatically for subsequent commands.

Usage

lumio login [--token <token>]

Options

Flag	Description
`--token <token>`	Authenticate with a Lumio API key directly (no browser)

lumio login

This opens your default browser to the Lumio OAuth login page using PKCE flow. After you approve the authorization in the browser, the CLI completes authentication automatically.

The flow does not require a client secret — it uses PKCE (Proof Key for Code Exchange), which is safe for CLI tools.

For CI/CD environments where a browser is not available, use a Lumio API key:

lumio login --token lm_usr_xxxxxxxxxxxx

Or set the LUMIO_TOKEN environment variable:

LUMIO_TOKEN=lm_usr_xxxxxxxxxxxx lumio deploy -v 1.0.0

The LUMIO_TOKEN environment variable takes precedence over stored credentials.

Generating an API key

Open lumio.vision in your browser
Navigate to Account → API Keys
Click Create API key
Give it a name (e.g., "CI/CD pipeline")
Copy the generated key — it starts with lm_usr_

Checking your credentials

lumio whoami
# Logged in as: Your Name (raphael@example.com)
# Account: your-account-slug

Logging out

lumio logout
# Credentials removed from ~/.lumio/credentials

Credential storage

Credentials are stored in ~/.lumio/credentials as a JSON file. The file contains an OAuth refresh token (browser login) or the API key (token login). It is not encrypted at rest — keep your home directory secure.

Usage​

Options​

Browser-based login (default)​

Token-based login (CI/CD)​

Generating an API key​

Checking your credentials​

Logging out​

Credential storage​