Skip to main content
GuidesBeginner1 min read

Access and Roles Overview

Understand how access to Vibgrate Cloud works and how the CLI authenticates against your workspace. Learn the difference between interactive login and DSN-based uploads.

Vibgrate Docs

Vibgrate Help

Before you roll Vibgrate Cloud out across teams, it helps to understand how access works: how the CLI proves who it is, and how interactive and automated access differ. This overview covers the essentials.

Overview

The Vibgrate CLI acts against a Vibgrate Cloud workspace. It authenticates in one of two ways depending on context: an interactive browser login for people, and a DSN token for machines. Everything you can see and push is scoped to the workspace you are authenticated against.

Interactive access for developers

Developers sign the CLI into their workspace from the browser — no token to copy:

vg login

To sign out and clear the stored credential:

vg logout

Programmatic access for automation

CI and other non-interactive environments cannot open a browser, so they authenticate with a DSN token generated by vg dsn create and supplied via --dsn:

vg scan --push --dsn "$VIBGRATE_DSN"

Because a DSN can push to your workspace, treat it as a secret, scope it to CI, and rotate it if it is exposed. See Create a Data Source with vg dsn create.

What this controls

Authentication determines which workspace your scans land in and which dashboards, portfolios, and team views you can see. Aligning repository names and application mappings (see Map Repositories to Applications) is what makes those views meaningful once you are in.

Related

Push Scan Results to Vibgrate Cloud, Build Team Dashboards, and Troubleshooting Push and Authentication.