Conversation
The authorize page now returns a User API Token instead of a gateway key. After browser auth, the CLI calls the Edgee management API to select an org, create/retrieve a gateway API key (with compression), and store it. - Add API client module (src/api.rs) for Edgee management API calls - Update login flow: remove compression param, add org selection and get-or-create key endpoint - Add user_token, api_key_id, org_id fields to credentials (v3) - Separate gateway URL (EDGEE_API_URL) from console API (EDGEE_CONSOLE_API_URL) - Show re-login tip for users with legacy v2 credentials Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
user_token, email, user_id, org_slug, org_id are account-level and shared across providers. Reuse existing user_token when setting up a new coding assistant instead of requiring browser auth again. - Separate gateway URL (EDGEE_API_URL) from console API (EDGEE_CONSOLE_API_URL) - Use get-or-create endpoint with compression flag - Extract browser_auth into its own function - Skip browser auth when user_token already exists Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
This PR updates the CLI authentication/config flow to use an Edgee Console API client for org selection and API key provisioning, and switches launch commands to use the Edgee gateway base URL.
Changes:
- Add
ApiClient(reqwest-based) to list organizations and get/create gateway API keys duringedgee auth login. - Restructure credentials (v3) to store a user token + org info at the top level, and add
api_key_idto provider configs. - Update Claude/Codex launch to use
gateway_base_url()and read org slug from top-level credentials.
Reviewed changes
Copilot reviewed 8 out of 9 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/main.rs | Registers the new api module. |
| src/api.rs | Adds Console API client for org listing and API key provisioning. |
| src/config.rs | Bumps credentials version to v3; adds new credential fields and base URL helpers. |
| src/commands/auth/login.rs | Reworks login flow to reuse a user token and provision provider keys via Console API. |
| src/commands/auth/status.rs | Updates status output to reflect new credential fields. |
| src/commands/launch/claude.rs | Switches Claude launch to gateway URL + top-level org slug. |
| src/commands/launch/codex.rs | Switches Codex launch to gateway URL + top-level org slug. |
| Cargo.toml | Adds reqwest and serde_json. |
| Cargo.lock | Locks new dependencies. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| match &creds.email { | ||
| Some(e) if !e.is_empty() => println!( | ||
| "\n {} {}", | ||
| style("✓").green().bold(), | ||
| style(format!("Logged in as {e}")).bold() | ||
| ), | ||
| _ => println!( | ||
| "\n {} {}", | ||
| style("✓").green().bold(), | ||
| style("Logged in").bold() | ||
| ), | ||
| } |
There was a problem hiding this comment.
The status output always prints a green "✓ Logged in" message even when only provider API keys exist and user_token is missing. This is misleading for users and inconsistent with the launch commands’ "Tip: Run edgee auth login" behavior. Consider printing "Authenticated" only when user_token is set, and otherwise printing something like "API key configured" / "Not authenticated" with a suggested next step.
| mod api; | ||
| mod commands; | ||
| mod config; |
There was a problem hiding this comment.
The PR description template hasn't been filled out (it still contains placeholders for "Description of Changes" / related issues). Please add a brief summary of what changed and why so reviewers can validate the intent against the implementation.
| Some(2) => { | ||
| let creds: Credentials = toml::from_str(content)?; | ||
| Ok((creds, true)) | ||
| } |
There was a problem hiding this comment.
migrate() for credentials version 2 deserializes directly into the new Credentials/ProviderConfig structs. Any fields that existed in v2 but were removed from ProviderConfig (e.g. provider-scoped email, user_id, org_slug) will be silently dropped and then permanently lost when read() rewrites the file. Consider defining a CredentialsV2 + ProviderConfigV2 that matches the v2 schema and explicitly mapping/moving those values into the new top-level Credentials fields (and leaving api_key_id as None if not available).
| let has_any = creds.user_token.as_deref().filter(|t| !t.is_empty()).is_some() | ||
| || creds.claude.as_ref().map(|c| !c.api_key.is_empty()).unwrap_or(false) | ||
| || creds.codex.as_ref().map(|c| !c.api_key.is_empty()).unwrap_or(false); |
There was a problem hiding this comment.
has_any treats having a provider API key configured as equivalent to being authenticated (user_token present). This makes edgee auth status report a logged-in state even when the user is not actually authenticated (and other commands show a tip to run edgee auth login). Consider separating "authenticated" (user_token present) from "configured" (provider api keys present) and adjust the output accordingly.
Checklist
Description of Changes
Describe your changes here
Related Issues
List related issues here