Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate project-wide tokens within the CLI #122

Open
ajhalili2006 opened this issue May 21, 2021 · 1 comment
Open

Generate project-wide tokens within the CLI #122

ajhalili2006 opened this issue May 21, 2021 · 1 comment
Labels
feature request Proposed feature for the CLI

Comments

@ajhalili2006
Copy link

ajhalili2006 commented May 21, 2021
edited
Loading

About this Issue

Generating an API token for the project (assuming permissions are tied to my account's permissions on specific project) in the UI is fine, but what about people who don't bothered to open the browser or in an GUI-less machine?

In order to generate it, all of prerequisites should be reached:

  • signed in to the CLI
  • has project access with atleast write to generate tokens

The command will look like this:

$ railway tokens new [--env="production"]
Token name (if left blank, we'll generate it for you): nonsense-holy-call-what (generated by CLI)
Here's your project token for this project:

============================================================
Project ID: <project-id-over-there-probably-uuidv4-ones>
Project token: railway_<SOME-RANDOM-TEXT-OVER-HERE>
============================================================

This will be the only time you see the token. If you ever lost it or get leaked, you need to revoke this one.
Keep this project token secret, as this have the same permissions as you would, preferably in an password manager
like Bitwarden and 1Password or secret management apps like HashiCorp Vault and GitHub's built-in encrypted
environment variables.

Note that there's railway_ in example token output, that because I assume that Railway will apply for GitHub's secret scanning solution in the future.

Possible Alternative Solutions

  • Copy the ~/.railway directory to other machine and removing everything expect the JWT token for the Railway API.
  • Grab the JWT token from the webapp through DevTools (sounds tricky) and do some cURLing to specific endpoints delicated to project token generation. (API is undocumented for curl usage at time of writing.)

Related Issues
@Milo123459 Milo123459 added the enhancement New feature or request label Mar 5, 2023
@coffee-cup coffee-cup added feature request Proposed feature for the CLI and removed enhancement New feature or request labels Apr 26, 2023
@alexng353
Copy link
Contributor

alexng353 commented Nov 4, 2024
edited
Loading

Since the API is now (?) quite a bit easier to work with, if someone still wants this, I can try to build it out.

If I'm missing some information and this is not possible, please let me know before I try it.

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request Proposed feature for the CLI
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@coffee-cup @alexng353 @ajhalili2006 @Milo123459