In order to use the Cloudsmith API, or any other integrations or tools that make use of the Cloudsmith API, you will first need to get your API Key.

An API Key provides Read and Write access. If you want Read-only access, please use an Entitlement Token. API Keys and Entitlement Tokens should be treated as secrets to prevent unwarranted access.

Getting your API Key

There are two ways to retrieve your API Key:

  • Via the Website UI
  • Via the Cloudsmith CLI

Via the Website UI

Go to the API Key page in your user settings to view the API Key.


API-Key via Website UI

Via the Cloudsmith CLI

You can retrieve your API key using the cloudsmith login command:

cloudsmith login
Login: [email protected]
Password: PASSWORD
Repeat for confirmation: PASSWORD

NOTE: Please ensure you use your email for the 'Login' prompt.

Adding IP-Based restrictions to your API-Key

By default, you can use your API-Key from anywhere.

If you wish to restrict the use of your API-Key to a specific IP address or range, you can add the CIDR address/mask to the Allow List:


API-Key Allow List

One you have added your CIDR address/mask, just click the green "Update" button to apply your restriction.

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial Now
Cookie Declaration (Manage Cookies)