Get started
Signing in
Sign in once with device authorization to unlock Market download, submit, Auto, and your profile.
What you need
- The
agentkitforgeCLI, or the Forge web app. - A web browser to approve the sign-in — it can be on any device, even your phone.
- An AgentKitProject account (you can create one during sign-in).
Step by step (CLI)
- Run
agentkitforge market login. - The CLI shows a short device code and a URL. Open it in your browser (any device).
- Confirm the code matches, then sign in or create an account.
- Approve access.
- Back in the CLI you're signed in — the token is stored securely and refreshes automatically.
The Forge web app is simpler: just open it and sign in on the normal browser sign-in page (a standard OAuth authorization-code redirect — no device code).
How it works
The CLI uses the OAuth 2.0 device authorization flow against your AgentKitProject IdP (Keycloak / OIDC), so it works on headless machines — approve the code from your phone or another computer. The token is kept in the OS keyring (macOS Keychain, Windows Credential Manager, or Linux Secret Service) with an encrypted-file fallback for headless hosts, and is sent as a bearer token to hosted Market routes. The web app instead keeps a normal session cookie after the browser sign-in.
Common mistakes
- Thinking you must sign in for local kit work — build, validate, package, and import via the CLI never need an account.
- Entering the device code on the wrong account.