Authentication keys

Last update: 2024-02-05
  • Created for:
  • Admin
    Developer

You must have an authentication key to access the Adobe Commerce repository and to enable install and update commands for your Adobe Commerce on cloud infrastructure project. There are two methods for specifying Composer authorization credentials.

  • authentication file—A file that contains your Adobe Commerce authorization credentials in your Adobe Commerce on cloud infrastructure root directory.
  • environment variable—An environment variable to set up authentication keys in your Adobe Commerce on cloud infrastructure project to prevent accidental exposure.

Security note

Adobe recommends using the environment variable method with your cloud project to prevent accidental exposure of your authorization credentials.

The authentication file method is ideal when using Cloud Docker for Commerce as a local development tool, but be careful not to upload the auth.json file to a public Git-based repository. You can add the auth.json file to the .gitignore file.

Authentication file

To create an auth.json file:

  1. If you do not have an auth.json file in your project root directory, create one.

    • Using a text editor, create an auth.json file in your project root directory.
    • Copy the contents of the sample auth.json into the new auth.json file.
  2. Replace <public-key> and <private-key> with your Adobe Commerce authentication credentials.

    {
        "http-basic": {
            "repo.magento.com": {
                "username": "<public-key>",
                "password": "<private-key>"
            }
        }
    }
    
  3. Save your changes and exit the text editor.

Composer auth environment variable

The following method is the best way to prevent accidental exposure of sensitive credentials in a public Git-based repository.

To add authentication keys using an environment variable:

  1. In the Cloud Console, click the configuration icon on the right side of the project navigation.

    Configure project
  2. In the Project Settings list, click Variables.

  3. Click Create variable.

  4. In the Variable name field, enter env:COMPOSER_AUTH.

  5. In the Value field, add the following and replace <public-key> and <private-key> with your Adobe Commerce authentication credentials:

    {
        "http-basic": {
            "repo.magento.com": {
                "username": "<public-key>",
                "password": "<private-key>"
            }
        }
    }
    
  6. Select Available during buildtime and deselect Available during runtime.

  7. Click Create variable.

  8. Remove the auth.json file from each environment.

On this page