Skip to content

Commit

Permalink
docs: Update arch doc to remove keytar ref (#470)
Browse files Browse the repository at this point in the history
Merge shark. Its a doc update.
  • Loading branch information
shrutiburman authored Nov 14, 2022
1 parent 26e4119 commit d18c081
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ARCHITECTURE.md
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ When using the CLI, users can cache their credentials for multiple Twilio profil

Profile configuration data is stored in ~/.twilio-cli (moved from the preferred ~/.config/twilio-cli). We moved away from storing project configurations. To switch between multiple profiles a user can simply use the “twilio profiles:use” command. Profiles are the way to switch between multiple projects, and that really depends on how the user defines the project scope in each profile.

To get access to your Twilio resources, the CLI needs an API key to access it. Instead of asking the user to create an API key, however, we prompt them for their Account SID and Auth Token. Using these, we create an API key for them and save it directly in the config file instead of the system keychain (or whatever their operating system uses for secure password storage). This was done to support platforms without a keychain or similar services. Previously, the [keytar npm module](https://www.npmjs.com/package/keytar) was used to store the system keychains. We will make it clear to the user this key has been created for them and provide a link to view it in the console. The Account SID and Auth Token are not saved anywhere. Only the API Key SID and secret. We will make this clear to the users.
To get access to your Twilio resources, the CLI needs an API key to access it. Instead of asking the user to create an API key, however, we prompt them for their Account SID and Auth Token. Using these, we create an API key for them and save it directly in the config file instead of the system keychain (or whatever their operating system uses for secure password storage). This was done to support platforms without a keychain or similar services. We will make it clear to the user this key has been created for them and provide a link to view it in the console. This secure API Key and settings will be stored locally as a profile. The Account SID and Auth Token are not saved anywhere. We make this clear to the users.

## Commands and topics

Expand Down

0 comments on commit d18c081

Please sign in to comment.