HubPublic

Auth

Separate public review from workspace-required actions

Public review should stay easy. Claim, publish, favorites, settings, token issuance, and private package access should stay explicitly authenticated.

Public without login

Search, package detail review, docs, and many published snapshot reads stay on rawctx Hub.

Login required

Claim, publish, favorites, settings, self-serve workspace creation, tokens, and private registry access require auth.

Registry boundary

When you target a workspace-specific registry, keep the registry host explicit in CLI flags and Python clients.

Use browser login when the workflow is interactive. Use tokens when the workflow is CI, a notebook, or a long-running automation path. Either way, make the registry target explicit.

Auth should explain intent, not hide it. If a command needs a token or workspace context, that should be visible in the command itself or the client construction.

rawctx login --registry https://api.rawctx.dev
export RAWCTX_TOKEN="<workspace-or-user-token>"

python - <<'PY'
import os
import rawctx

client = rawctx.RawctxClient(
    registry="https://api.rawctx.dev",
    token=os.environ["RAWCTX_TOKEN"],
)

print(client.info("@pasar6987/stripe-subscriptions"))
PY
Workspace guideAuth failuresOpen login