Repoburg
Login

Authentication

Device Authorization Flow

Repoburg uses a secure device authorization flow to link your local CLI to your repoburg.com account. This ensures that only authorized devices can interact with the platform.

  1. You run a command like repoburg start or repoburg login.
  2. The CLI communicates with the local daemon, which requests a unique device code from the Repoburg website API.
  3. A special login URL containing this code is opened in your browser, taking you to repoburg.com.
  4. You log in to your repoburg.com account on the website.
  5. You are then asked to approve the device connection on your account dashboard, which shows the device code for verification.
  6. Once you approve, the website securely stores an access token associated with your device code. You can then close this browser tab.
  7. Meanwhile, the daemon on your machine polls the website. Once it sees the access token is ready, it downloads it and stores it securely in ~/.repoburg/token.jwt.
  8. Your device is now authenticated, and the original command proceeds. The token is valid for 30 days.

Note: The repoburg.com website is used for authentication, while the main application where you interact with the AI is app.repoburg.com. The CLI will open the main application for you after a successful repoburg start command.