Authentication keys

You must have an authentication key to access the Adobe Commerce repository and to enable install and update commands for your Adobe Commerce on cloud infrastructure project. There are two methods for specifying Composer authorization credentials.

  • authentication file—A file that contains your Adobe Commerce authorization credentials in your Adobe Commerce on cloud infrastructure root directory.
  • environment variable—An environment variable to set up authentication keys in your Adobe Commerce on cloud infrastructure project to prevent accidental exposure.

Security note

Adobe recommends using the environment variable method with your cloud project to prevent accidental exposure of your authorization credentials.

The authentication file method is ideal when using Cloud Docker for Commerce as a local development tool, but be careful not to upload the auth.json file to a public Git-based repository. You can add the auth.json file to the .gitignore file.

Authentication file

To create an auth.json file:

  1. If you do not have an auth.json file in your project root directory, create one.

    • Using a text editor, create an auth.json file in your project root directory.
    • Copy the contents of the sample auth.json into the new auth.json file.

  2. Replace <public-key> and <private-key> with your Adobe Commerce authentication credentials.

    {
    "http-basic": {
        "repo.magento.com": {
            "username": "<public-key>",
            "password": "<private-key>"
        }
    }
}

  3. Save your changes and exit the text editor.

Composer auth environment variable

The following method is the best way to prevent accidental exposure of sensitive credentials in a public Git-based repository.

To add authentication keys using an environment variable:

  1. In the Project Web Interface, click the configuration icon in the upper left corner.

    Configure project

  2. In the Configure Project view, click the Variables tab.

  3. Click Add Variable.

  4. In the Name field, enter env:COMPOSER_AUTH.

  5. In the Value field, add the following and replace <public-key> and <private-key> with your Adobe Commerce authentication credentials:

    {
    "http-basic": {
        "repo.magento.com": {
            "username": "<public-key>",
            "password": "<private-key>"
        }
    }
}

  6. Select Visible during build and deselect Visible at run.

  7. Click Add Variable.

  8. Remove the auth.json file from each environment.

On this page