Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.rafftechnologies.com/llms.txt

Use this file to discover all available pages before exploring further.

Updated May 8, 2026 raff configure writes a YAML config file at ~/.raff/config.yaml containing your API key, the API base URL, and an optional default project ID. The CLI reads this on every command unless overridden by env vars or flags.

Run interactively

raff configure
The command prompts for:
  • API key — paste an raff_<suffix> key from the API Keys page
  • API base URL — defaults to https://api.rafftechnologies.com (production); change only if you’re testing against a non-prod environment
  • Default project ID — optional but useful; lets you skip --project-id on every command. Get it from raff project list after configuring

Multiple profiles

Use --profile <name> to keep separate credentials for different accounts or environments: 
# Default profile (used when no --profile flag)
raff configure

# Named profile
raff configure --profile staging

# Use the profile on a command
raff vm list --profile staging
The config file ends up looking like: 
profiles:
  default:
    api_url: https://api.rafftechnologies.com
    api_key: raff_<your-prod-key>
    project_id: <your-prod-default-project-id>
  staging:
    api_url: https://api.rafftechnologies.com
    api_key: raff_<your-staging-key>
    project_id: <your-staging-default-project-id>
You can edit ~/.raff/config.yaml directly if you prefer.

Environment variables (skip the config file)

For CI/CD or one-off shells, env vars work without configuring anything: 
export RAFF_API_KEY="raff_<your-key>"
export RAFF_API_URL="https://api.rafftechnologies.com"
export RAFF_PROJECT_ID="<your-default-project-id>"

raff vm list
Env vars override the config file but are themselves overridden by CLI flags.

Authentication precedence

Every command resolves credentials in this exact order:
  1. CLI flag--api-key, --api-url, --project-id on the command line
  2. Environment variableRAFF_API_KEY, RAFF_API_URL, RAFF_PROJECT_ID
  3. Config file — selected profile (or default if no --profile) in ~/.raff/config.yaml
If a credential isn’t set in any of those, the command fails with a clear error. The CLI never prompts for credentials mid-command — that’s a one-time configure thing.

Verify your setup

raff project list
If this returns a project list, you’re authenticated correctly. If it errors with 401 Unauthorized, double-check the API key. If it errors with 403 Forbidden, the key is valid but doesn’t have account.projects.view permission — see the role assigned to the key on the API Keys page.

Generate an API key

Get the key you need before configuring.

VM commands

Start using the CLI.

Roles, scopes, and the Owner

Why you may see a 403 even with a valid key.
Last modified on May 8, 2026