Description
The API supports Bearer authentication with ApiToken, but the CLI (apexstore-cli) has no subcommand to create, list, or revoke tokens. This makes the auth feature unusable from the command line.
Evidence
$ apexstore-cli --help
# No token/create/revoke subcommand available
Impact
- API authentication cannot be set up without writing custom code
- TokenManager is only accessible programmatically
- Feature is gated behind code, making it effectively dead for ops
Proposed fix
Add a token subcommand group to the CLI:
apexstore-cli token create <name> <permissions...> — generates a tokenapexstore-cli token list — lists all tokensapexstore-cli token revoke <id> — deletes a token
Severity
Low — auth is not wired (see #178), so tokens can't be used anyway. But once auth is fixed, tokens must be manageable from CLI.
Description
The API supports Bearer authentication with
ApiToken, but the CLI (apexstore-cli) has no subcommand to create, list, or revoke tokens. This makes the auth feature unusable from the command line.Evidence
Impact
Proposed fix
Add a
tokensubcommand group to the CLI:apexstore-cli token create <name> <permissions...>— generates a tokenapexstore-cli token list— lists all tokensapexstore-cli token revoke <id>— deletes a tokenSeverity
Low — auth is not wired (see #178), so tokens can't be used anyway. But once auth is fixed, tokens must be manageable from CLI.