Authentication keys

You must have an authentication key to access the Adobe Commerce repository and to enable install and update commands for your Adobe Commerce on cloud infrastructure project. There are two methods for specifying Composer authorization credentials.

  • authentication file—You must have an auth.json file that contains your Adobe Commerce authorization credentials in your Adobe Commerce on cloud infrastructure root directory.
  • environment variable—Alternatively, you can use an environment variable to set up authentication keys in your Adobe Commerce on cloud infrastructure project to prevent accidental exposure.

To create a auth.json file:

  1. If you do not have an auth.json file in your project root directory, create one.

    • Using a text editor, create an auth.json file in your project root directory.
    • Copy the contents of the sample auth.json into the new auth.json file.
  2. Replace <public-key> and <private-key> with your Adobe Commerce authentication credentials.

    {
        "http-basic": {
            "repo.magento.com": {
                "username": "<public-key>",
                "password": "<private-key>"
            }
        }
    }
    
  3. Save your changes and exit the text editor.

The following method is best to prevent accidental exposure of credentials, such as pushing an auth.json file to a public repository.

To add authentication keys using an environment variable:

  1. In the Project Web Interface, click the configuration icon in the upper left corner.

  2. In the Configure Project view, click the Variables tab.

  3. Click Add Variable.

  4. In the Name field, enter env:COMPOSER_AUTH.

  5. In the Value field, add the following and replace <public-key> and <private-key> with your Adobe Commerce authentication credentials:

    {
        "http-basic": {
            "repo.magento.com": {
                "username": "<public-key>",
                "password": "<private-key>"
            }
        }
    }
    
  6. Select Visible during build and deselect Visible at run.

  7. Click Add Variable.

  8. Remove the auth.json file from each environment.

On this page