cline/docs/api/authentication.mdx

---
title: "Authentication"
sidebarTitle: "Authentication"
description: "How to authenticate with the Cline API using API keys or account tokens."
---

Every request to the Cline API requires authentication via a Bearer token in the `Authorization` header.

## Authentication Methods

There are two ways to authenticate:

| Method | Use case | How to get it |
|--------|----------|---------------|
| **API key** | Direct API calls, scripts, CI/CD | Create at [app.cline.bot](https://app.cline.bot) Settings > API Keys |
| **Account auth token** | Cline extension and CLI | Generated automatically when you sign in |

Both methods use the same header format:

```bash
Authorization: Bearer YOUR_TOKEN
```

## API Keys

API keys are the recommended authentication method for programmatic access.

### Creating a Key

<Steps>
  <Step title="Sign in">
    Go to [app.cline.bot](https://app.cline.bot) and sign in.
  </Step>
  <Step title="Open API Keys">
    Navigate to **Settings** > **API Keys**.
  </Step>
  <Step title="Create and copy">
    Create a new key. Copy it immediately as you will not be able to see it again.
  </Step>
</Steps>

### Deleting a Key

You can revoke an API key at any time from the same Settings > API Keys page. Deleted keys stop working immediately.

You can also manage keys programmatically through the [Enterprise API](/enterprise-solutions/api-reference#api-keys):

```bash
# List your keys
curl https://api.cline.bot/api/v1/api-keys \
  -H "Authorization: Bearer YOUR_TOKEN"

# Delete a key
curl -X DELETE https://api.cline.bot/api/v1/api-keys/KEY_ID \
  -H "Authorization: Bearer YOUR_TOKEN"
```

## Account Auth Tokens

When you sign in to the Cline extension (VS Code, JetBrains) or CLI, an account auth token is generated and managed automatically. You do not need to handle these tokens manually.

The Cline CLI uses these tokens when you authenticate via:

```bash
# Interactive sign-in
cline auth

# Or quick setup with an API key
cline auth -p cline -k "YOUR_API_KEY" -m anthropic/claude-sonnet-4-6
```

See the [CLI Reference](/cline-cli/cli-reference#cline-auth) for all auth options.

## Security Best Practices

**Do:**
- Store API keys in environment variables or a secrets manager
- Use different keys for development and production
- Rotate keys periodically
- Delete keys you no longer use

**Do not:**
- Commit keys to version control
- Share keys in chat or email
- Embed keys in client-side code (browsers, mobile apps)
- Log keys in application output

### Using Environment Variables

```bash
# Set the key
export CLINE_API_KEY="your_api_key_here"

# Use it in requests
curl -X POST https://api.cline.bot/api/v1/chat/completions \
  -H "Authorization: Bearer $CLINE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"model": "anthropic/claude-sonnet-4-6", "messages": [{"role": "user", "content": "Hello"}]}'
```

### Using a .env File

```bash
# .env (add to .gitignore)
CLINE_API_KEY=your_api_key_here
```

```python
import os
from openai import OpenAI

client = OpenAI(
    base_url="https://api.cline.bot/api/v1",
    api_key=os.environ["CLINE_API_KEY"],
)
```

## Custom Headers

The Cline API accepts optional headers for tracking and identification:

| Header | Description |
|--------|-------------|
| `HTTP-Referer` | Your application's URL. Helps with usage tracking. |
| `X-Title` | Your application's name. Appears in usage logs. |
| `X-Task-ID` | A unique task identifier. Used internally by the Cline extension. |

## Related

<CardGroup cols={2}>
  <Card title="Getting Started" icon="rocket" href="/api/getting-started">
    Create your first API key and make a request.
  </Card>
  <Card title="Enterprise API Keys" icon="building" href="/enterprise-solutions/api-reference#api-keys">
    Manage API keys programmatically.
  </Card>
</CardGroup>