Skip to main content

Documentation Index

Fetch the complete documentation index at: https://rendobar.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

The CLI reads credentials from three sources, in priority order:
  1. RENDOBAR_API_KEY environment variable
  2. Saved API key (from rb login --key)
  3. Saved OAuth token (from rb login)

Sign in (interactive)

rb login
Opens your browser, runs an OAuth 2.1 PKCE flow, catches the callback on http://127.0.0.1:14832/callback, and saves the tokens. Browser tab closes itself; the terminal prints your org and plan: 
  ✓ Signed in | Acme Corp | Pro plan
  Saved to /Users/you/.config/rendobar/credentials.json
If port 14832 is in use, login fails fast. Use --key instead.

Sign in with an API key

For SSH sessions, headless containers, or any environment without a browser: 
rb login --key rb_live_xxxxxxxxxxxxxxxxxxxxxxxx
The CLI verifies the key against the API, then saves it. Keys must start with rb_. Get one from app.rendobar.com → Settings → API keys.

Use an environment variable (CI)

RENDOBAR_API_KEY beats any saved credential and writes nothing to disk: 
export RENDOBAR_API_KEY=rb_live_xxx
rb ffmpeg -i input.mp4 -c:v libx264 -crf 23 out.mp4
This is the only auth path for CI. See CI/CD for the full GitHub Actions snippet.

Where credentials live

PlatformPath
Linux$XDG_CONFIG_HOME/rendobar/credentials.json (default ~/.config/rendobar/credentials.json)
macOS~/.config/rendobar/credentials.json
Windows%APPDATA%\rendobar\credentials.json
After OAuth login the file looks like: 
{
  "type": "oauth",
  "accessToken": "...",
  "refreshToken": "...",
  "expiresAt": 1714000000000
}
After --key: 
{ "type": "apikey", "apiKey": "rb_live_..." }
Treat the file as a secret. The CLI does not chmod it for you.

Token refresh

OAuth access tokens expire after 1 hour. The CLI refreshes 60 seconds before expiry on every API call, using the saved refresh token. You won’t see a re-login prompt unless the refresh token itself is revoked. If refresh fails (revoked, network, invalid_grant), the CLI exits 2 with the underlying error. Run rb login again.

Switch accounts

Sign out, sign back in: 
rb logout
rb login
There’s no profile system. To run a single command against a different account or test mode, set the env var inline: 
RENDOBAR_API_KEY=rb_test_xxx rb ffmpeg -i clip.mp4 -c:v libx264 out.mp4

Sign out

rb logout
Revokes the OAuth refresh token (best-effort, 5 s timeout) and deletes the credentials file. No-op when not signed in. To wipe credentials without a server round-trip: 
rm ~/.config/rendobar/credentials.json

Verify

rb whoami
Hits /orgs/current and prints org, plan, balance. Useful as a CI sanity check before submitting jobs.

See also