# Token Management ## Managing OnePub tokens & how they interact with `dart pub` In order for the Dart CLI tooling to interact with OnePub, you need to provide it with a OnePub token so the Dart tooling can authenticate itself to OnePub. The following guide discusses the multiple ways you can provide Dart with a OnePub token but the easiest way is to simply run: `onepub login` The Dart CLI tools can now publish and get packages to/from OnePub. This guide explains OnePub 'Tokens', how to generate/export them, and exactly how they’re consumed by the Dart toolchain (`dart pub`) in local dev, CI, and containers. *** ### 1) OnePub tokens There is **only one type of token** in OnePub: the **member token**. * Each token belongs to a specific **member**. * It lasts **30 days**, but: * Every time the token is successfully used, its life is automatically **extended** for another 30 days. * Tokens grant the same level of package access that the member has. This single‑token model keeps things simple: whether you're developing locally, publishing a package, or running CI, you always use the same member token. The Team and Enterprise editions allow you to create a specialised CI/CD member that can be used in your CI/CD pipeline. *** ### 2) Obtaining a Token You can obtain a OnePub Token via one of three methods. * Implicitly * Run 'onepub login' from any CLI environment. This command authenticates you with OnePub and then makes the token visible to the Dart CLI tooling. * Export a Token * After logging via the `onepub login` command you can run `onepub export` to [export you OnePub token](/guides/cli-integration/export.md). * If you are a OnePub Administrator you can export any Member's token. If you are a Team Leader you can export any of your Team's tokens. The ability to export another Member's Token requires a Team or Enterprise license. * Copy Token from UI * You can copy a token from the Member page within the OnePub UI. (My OnePub | Members - 'Export Token'). * Importing * However you have obtained a token you can [import](/guides/cli-integration/import.md) the Token into your CLI environment (or that of a container) using the `onepub import` command, setting an environment variable or by directly editing the pub-tokens.json file (see below). ### 3) Invalidating a Token If a OnePub token is compromised you can invalidate any Member's token from the OnePub UI. Navigate to \`My OnePub | Members', find the Member and click the 'Invalidate CLI Tokens... OnePub'. ### 4) Dart's interaction with OnePub tokens When Dart encounters a 'publish\_to' key or a 'hosted\_url' dependency in you pubspec.yaml it checks Dart's pub-tokens.json file for a matching url. Each url listed in Dart's pub-tokens.json file has an associated token (in our case the OnePub Token) which is then used by Dart to authenticate with the host. When you run the `onepub login` or `onepub import` commands, OnePub simply adds the OnePub Token to to Dart's pub-tokens.json file. * Manually add a OnePub Token - Not recommended If all else fails you can manually add a OnePub token to Dart's pub-tokens.json ```bash mkdir -p "$HOME/.config/dart/pub-tokens.json" cat > "$HOME/.config/dart/pub-tokens.json" <<'JSON' {"version":1,"hosted":[{"url":"https://onepub.dev/api/yzohnoflyg/","token":""} JSON ``` Replace \ with your actual token. *** *** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.onepub.dev/workflows/token-management.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.