Authentication
Translation lookups (resolve, translate, config-paths, migrate, inventory --resolve, readiness) authenticate to the Vrtmv API with a per-account bearer token. Local-only commands (assess, drift) need no account.
Storing a token
vrtmv auth <token>
This writes the token to a credentials file with owner-only permissions. Show the current status, or clear it:
vrtmv auth # show masked token + stored URL
vrtmv auth --clear # remove stored credentials
To point at a non-default API endpoint, store a URL alongside the token:
vrtmv auth <token> --url https://api.vrtmv.com
Environment variables
Credentials can also come from the environment, which takes precedence over the stored file:
| Variable | Purpose |
|---|---|
VRTMV_API_KEY | Bearer token. |
VRTMV_API_URL | API base URL. |
Transport security
The API base URL must be https://. The client refuses to send your bearer token over cleartext http:// to a non-loopback host — the token is your licensing credential, and it is attached to every request. A local development server on localhost/loopback is allowed over http://, and an explicit VRTMV_ALLOW_INSECURE=1 overrides the check with a warning.
Managing tokens & usage
An account can hold multiple tokens, and each token's usage is metered against the account. See Accounts, quota & billing.