To associate the Snyk CLI for use with your Snyk account, you must first authenticate your machine. No repository permissions are needed at this stage, only your email address. When you have authenticated, you can get started using the CLI.
Free and Team users have access to personal tokens only. Personal tokens are recommended for use with IDEs and the local CLI.
Snyk recommends that Enterprise customers use a service token to authenticate with a CI/CD. Avoid using a service token with an IDE.
For details, see How to obtain and authenticate with your Snyk API token.
Methods of authenticating with Snyk
If you are using Snyk on the EU and AU tenants, you must set your endpoints accordingly before running
snyk auth. For more information, see Regional hosting and data residency.
You can authenticate by using the CLI
snyk auth command to launch the authentication dialog in your browser. See the Auth command help. This method is the default and recommended.
You can also authenticate by using the
SNYK_TOKEN environment variable. For details, see Configure the Snyk CLI.
SNYK_TOKEN in a CI/CD environment.
You can authenticate Snyk CLI in your CI/CD programmatically as follows:
Use a SNYK_TOKEN envvar (preferred)
SNYK_TOKEN=<SNYK_API_TOKEN> snyk test
Or use a Snyk
snyk auth <SNYK_API_TOKEN>
You can specify either your personal API token or a service token, available for Enterprise customers only. See Service accounts for information on using service tokens.
Steps to authenticate using your API token
Go to your Snyk account, Account Settings > API Token section.
In the KEY field, choose click to show; then select and copy your API token. A screenshot follows.
In the CLI, run
snyk auth [<API_TOKEN>]or
snyk config set api=<token>. The
<API_TOKEN>is validated by the Snyk API.
For more details, see How to obtain and use your Snyk API token for instructions that apply to all applications and tools.