CLI login

Authenticate the SDK with the device-code flow instead of copying API keys by hand.

Open .md

Use instantml login on any machine with a browser so scripts can run without pasting API keys.

Log in, check, and log out

Authenticate:

bash
instantml login

Print the current credential context:

bash
instantml whoami

Remove stored credentials:

bash
instantml logout

instantml login runs an OAuth 2.0 device-code flow: it prints a code, opens the browser confirmation page, and stores the resulting credential in ~/.instantml/credentials.

The stored credential carries the sdk:ingest, artifacts:write, imports:write, and export:read scopes. That covers run creation, metric logging, file and checkpoint uploads, imports, and reads or exports. Create a key from the dashboard only when a job needs additional scopes such as artifacts:manage or runs:control β€” see API-key scopes.

Understand credential resolution

im.init(...) resolves credentials in this order:

  1. Explicit api_key=....
  2. INSTANTML_API_KEY.
  3. CLI-stored credentials from instantml login.
  4. No credentials β€” top-level im.init(...) raises InstantMLError before it creates a run.
python
import instantml as im

# Explicit key
run = im.init(project="cartpole", api_key="instantml_...")

# Environment key (INSTANTML_API_KEY is set)
run = im.init(project="cartpole")

# After `instantml login`
run = im.init(project="cartpole")

Confirm in the browser

The device-code confirmation page formats codes as XXXX-XXXX, requires a browser session, and tells you when the terminal can continue.

Next steps