Auth docs mention ~/.mmx/credentials.json, but authenticated CLI works without that file

[chrisgwynne]

Summary

The auth docs for mmx-cli say credentials are persisted to ~/.mmx/credentials.json, but in a real Linux setup the CLI can be authenticated and fully functional while that file does not exist.

This makes troubleshooting misleading, because users and agents will look for ~/.mmx/credentials.json, conclude auth is missing, and waste time debugging the wrong thing.

What I observed

Environment:

• Linux
• mmx installed with user npm prefix (npm_config_prefix=/home/chris/.npm-global)
• CLI version: mmx 1.0.7

Observed behavior:

1. ~/.mmx/credentials.json does not exist
2. mmx quota show --non-interactive --quiet --output json still succeeds
3. image generation also succeeds

So the CLI is definitely authenticated, just not via the location documented in the skill/docs snippet.

Reproduction

1. Install mmx-cli
2. Run mmx auth login --api-key ...
3. Check for ~/.mmx/credentials.json
4. Run mmx quota show --non-interactive --quiet --output json

Actual result

• No ~/.mmx/credentials.json
• Quota command succeeds, proving valid auth is present somewhere else

Expected result

One of these should be true:

• auth is actually persisted to ~/.mmx/credentials.json, or
• docs are updated to explain the real credential storage path/mechanism, or
• the CLI exposes a command to show active config/auth source

Why this matters

This is especially confusing in agent/CI environments, where docs imply a simple file existence check is a valid auth diagnostic. Right now that check is false-negative.