Login and CLI setup

Authenticating your workstation lets the Snakemake logger post events without pasting long API tokens into the shell when you use the supported browser flow.

Tip

If you are evaluating a shared demo deployment, get the URL and any demo credentials from your maintainers or administrator. Do not store sensitive data on shared hosts.

Recommended: flowo login (default path)

1. Install the PyPI package (see Installation) so the flowo CLI is available.
2. Run (replace the host with your deployment):

flowo login --host https://your-flowo-host

1. A browser window opens (or prints a URL). Sign in to FlowO and approve the device.
2. On success, the CLI writes ~/.config/flowo/config.toml (Linux/macOS; similar paths on Windows) with 0600 permissions.

Example session (wording may vary slightly by CLI version; tokens are not echoed):

$ flowo login --host https://your-flowo-host
Opening browser for authentication…
Waiting for you to approve this device in the browser…
Login successful. Configuration saved to ~/.config/flowo/config.toml

The file should look like this (use your real host; keep the token private):

host = "https://your-flowo-host"
token = "<stored-by-flowo-login>"

Fallback: API tokens (headless, CI, or MCP)

Use this path only when you cannot open a browser on the execution node (batch clusters, locked-down CI, or some MCP setups). Day-to-day use should stay on flowo login above.

1. In the web UI: Settings → API Tokens → create a token with a label and expiry.
2. Configure the CLI manually (or use the copy-paste command FlowO shows), for example:

host = "https://your-flowo-host"
token = "your-secret-api-token"

Note

Treat tokens like passwords. Prefer flowo login when possible so tokens are not echoed in shell history.

Verify connectivity

flowo catalog list

An empty list without an error means authentication and HTTPS reachability are working.

See also

• Run Snakemake with FlowO
• FAQ — token storage and login failures