Stripe CLI keys and permissions
Learn about default Stripe CLI keys generated when you run "stripe login" and their permissions.
By default, you can use your account’s secret keys to perform any API request without restriction. When you run the stripe login command to authenticate to the Stripe CLI, the CLI generates a set of restricted keys for your account (one for a sandbox, one in live mode) that are valid for 90 days.
About restricted keys
Unlike an API secret key, a restricted key generated by the Stripe CLI has restrictions on the API requests that it can perform. You can create new restricted keys in the Dashboard with different restrictions, or specify any API key using the --api-key flag.
Where keys are stored
The CLI stores the keys in the Restricted keys section on the API Keys page and your local machine in ~/..
Where to find permissions
Use these steps to view the permissions associated with your restricted key:
- Open the API keys page.
- Scroll down to the Restricted keys section.
- Hover over the info () icon next to your CLI key name to view permissions.
Specify an API key
- Use the
--api-keyflag to specify your API secret key inline each time you send a request.
stripe login --api-keysk_test_BQokikJOvBiI2HlWgH4olfQ2