Credentials
Smartloop uses a developer token to authenticate CLI and TUI operations against the platform. This page covers how tokens are stored, set, and managed.
How Tokens Are Stored
When you save a developer token, Smartloop will attempt to use the most secure storage backend available on your system:
| Backend | Platform | Description |
|---|---|---|
| System Keychain | macOS (Keychain), Linux (Secret Service / libsecret), Windows (Credential Manager) | Tokens are stored in your OS credential store — encrypted and managed by the operating system. |
| Fernet Encrypted File | All platforms (fallback) | If no system keychain is available, tokens are written to a local $SLP_HOME/.credentials file using Fernet symmetric encryption. |
The CLI automatically selects the best available backend — no configuration needed.
The system keychain is always preferred when available. The encrypted file fallback ensures credentials are never stored in plaintext.
Using Smartloop Without a Token
Running slp init with no token will initialize a project using the default free model. No sign-up is required to get started — you can use the tool right away:
slp init
A developer token unlocks additional capabilities, but most features — including access to advanced models — require an active subscription.
Setting Your Token
You can obtain a developer token from https://app.smartloop.ai/developer.
There are three ways to set your token:
During Project Init
Pass your token when initializing a new project:
slp init -t <developer_token>
or using the long flag:
slp init --developer_token <developer_token>
This stores the token and configures the project in one step. See Getting Started for more on project setup.
Via the CLI
Set or update your token at any time:
slp token set <developer_token>
Via the TUI
Inside the interactive TUI (slp), use slash commands:
/token set <developer_token>
Viewing Your Token
View the currently stored token from the CLI or TUI. The token is displayed in obfuscated form — only a few characters at the start and end are shown, with the rest masked:
slp token
Or from inside the TUI:
/token
Example output:
Developer token: slp_bDmz...Hcg
Clearing Your Token
To remove a stored token from the TUI:
/token clear
This deletes the token from whichever storage backend is in use (keychain or encrypted file).
Quick Reference
| Action | CLI | TUI |
|---|---|---|
| Set token during init | slp init -t <token> | — |
| Set / update token | slp token set <token> | /token set <token> |
| View token (obfuscated) | slp token | /token |
| Clear token | — | /token clear |