Documentation Index Fetch the complete documentation index at: https://qovery-erebe-skills.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Overview Generate an API token for authenticating with Qovery programmatically. API tokens are useful for CI/CD pipelines, automation scripts, and integrations.
Command This command generates a new API token that can be used for authentication instead of interactive login.
Usage Options Flag Description --nameToken name/description --helpShow help for token command
Examples Generate Token # Generate new API token qovery token # Copy the token output # Token: qov_abc123def456...
Generate Named Token # Generate token with descriptive name qovery token --name "CI/CD Pipeline Token"
Using API Tokens In CI/CD Pipelines # GitHub Actions env: QOVERY_CLI_ACCESS_TOKEN: ${{ secrets . QOVERY_TOKEN } } # GitLab CI variables: QOVERY_CLI_ACCESS_TOKEN: $CI_QOVERY_TOKEN # CircleCI environment: QOVERY_CLI_ACCESS_TOKEN: ${ QOVERY_TOKEN }
In Scripts #!/bin/bash # Set token as environment variable export QOVERY_CLI_ACCESS_TOKEN = "qov_abc123def456..." # Authenticate qovery auth # Run commands qovery application deploy --application "my-app"
In Local Development # Add to your shell profile (~/.bashrc, ~/.zshrc) export QOVERY_CLI_ACCESS_TOKEN = "qov_abc123def456..." # Or create a .env file echo "QOVERY_CLI_ACCESS_TOKEN=qov_abc123def456..." > .env source .env
Security Best Practices Never commit API tokens to version control. Always use secrets management:
GitHub Actions: Use secrets
GitLab CI: Use CI/CD variables
CircleCI: Use environment variables
Local: Use environment variables or secure vaults
Do:
Store tokens in CI/CD secret management
Use environment variables
Use secure vaults (AWS Secrets Manager, HashiCorp Vault)
Rotate tokens regularly
Don’t:
Commit tokens to Git
Share tokens in plain text
Use the same token across multiple systems
Store tokens in application code
Regularly rotate API tokens for security: # 1. Generate new token qovery token --name "New Token" # 2. Update CI/CD secrets with new token # 3. Revoke old token in Qovery Console
Generate separate tokens for different purposes: # Production deployments qovery token --name "Production CI/CD" # Staging deployments qovery token --name "Staging CI/CD" # Read-only monitoring qovery token --name "Monitoring Read-Only"
Managing Tokens Tokens can be managed in the Qovery Console:
Go to Settings → API Tokens
View all active tokens
Revoke tokens that are no longer needed
Set expiration dates for tokens
Token Permissions API tokens inherit permissions from your user account:
Full Access - Can perform all operations you can performScoped to Organization - Token permissions apply to specific organizationAudit Trail - All token actions are logged
Examples by Use Case CI/CD Deployment # .github/workflows/deploy.yml name : Deploy to Qovery on : push : branches : [ main ] jobs : deploy : runs-on : ubuntu-latest steps : - uses : actions/checkout@v2 - name : Install Qovery CLI run : curl -s https://get.qovery.com | bash - name : Deploy Application env : QOVERY_CLI_ACCESS_TOKEN : ${{ secrets.QOVERY_TOKEN }} run : | qovery auth qovery application deploy --application "my-app"
Automated Monitoring Script #!/bin/bash # monitor.sh export QOVERY_CLI_ACCESS_TOKEN = "${ QOVERY_MONITORING_TOKEN }" qovery auth # Get status of all services qovery status --format json > status.json # Check for errors if jq -e '.services[] | select(.status == "ERROR")' status.json > /dev/null ; then echo "ERROR: Services with errors detected" # Send alert fi
Tips Generate separate tokens for different environments (production, staging, development) to limit blast radius if a token is compromised.
Use descriptive names when generating tokens to easily identify their purpose later.
