Before you roll Vibgrate Cloud out across teams, it helps to understand how access works: how the CLI proves who it is, and how interactive and automated access differ. This overview covers the essentials.
Overview
The Vibgrate CLI acts against a Vibgrate Cloud workspace. It authenticates in one of two ways depending on context: an interactive browser login for people, and a DSN token for machines. Everything you can see and push is scoped to the workspace you are authenticated against.
Interactive access for developers
Developers sign the CLI into their workspace from the browser — no token to copy:
vg login
To sign out and clear the stored credential:
vg logout
Programmatic access for automation
CI and other non-interactive environments cannot open a browser, so they authenticate with a DSN token generated by vg dsn create and supplied via --dsn:
vg scan --push --dsn "$VIBGRATE_DSN"
Because a DSN can push to your workspace, treat it as a secret, scope it to CI, and rotate it if it is exposed. See Create a Data Source with vg dsn create.
What this controls
Authentication determines which workspace your scans land in and which dashboards, portfolios, and team views you can see. Aligning repository names and application mappings (see Map Repositories to Applications) is what makes those views meaningful once you are in.
Related
Push Scan Results to Vibgrate Cloud, Build Team Dashboards, and Troubleshooting Push and Authentication.