Workers - Store Wrangler's OAuth credentials in your OS keychain
1mo ago
Source
CloudflareWorkers - Store Wrangler's OAuth credentials in your OS keychaincloudflare.comWrangler can now store the OAuth credentials returned by wrangler login in an AES-256-GCM -encrypted file, with the encryption key held in your operating system keychain. The default behavior is unchanged — credentials still live in a plaintext TOML file unless you opt in. To opt in, run: npx wrangler login --use-keyring The choice is persisted across Wrangler invocations. Opt back out with npx wrangler login --no-use-keyring , or override the preference for a single command with the CLOUDFLARE_AUTH_USE_KEYRING environment variable. wrangler whoami now reports where credentials are stored: 🔐 Credentials are stored in: Encrypted file (~/.config/.wrangler/config/default.enc) with key in macOS Keychain ( service = wrangler, account = default ) Per-platform backends: macOS uses the built-in Keychain via /usr/bin/security . Linux uses libsecret via the secret-tool CLI from the libsecret-tools package. Windows uses Credential Manager via @napi-rs/keyring , installed on-demand the first time you opt in. Refer to Storing OAuth credentials in the OS keychain for the full details, including the migration behavior on opt-in/opt-out and the CLOUDFLARE_AUTH_USE_KEYRING environment variable.

Comments
Sign in to join the conversation.
No comments yet. Be the first.