Skip to content

[Phase 2] Support subscription/OAuth agent credentials beyond API keys #25

Description

@Saber5656

Background

FR-2.6 injects credentials as env-var-backed files over tmpfs and assumes API keys (ANTHROPIC_API_KEY, OPENAI_API_KEY, ...). In practice many users authenticate Claude Code through a claude.ai subscription login (OAuth tokens stored under ~/.claude) and Codex through a ChatGPT login; those users have no API key at all. Without a decided story, cage run claude fails at authentication for a large share of real users, which undermines the core "run any agent" value proposition.

Scope

  • Decide and document the supported authentication modes per built-in adapter for pre-alpha (an explicit "API keys only" is acceptable, but it must be a documented decision with clear errors).
  • Extend credential injection so file- or directory-backed credentials (not only env values) can be delivered through the same tmpfs channel with the same delete-after-start guarantees, e.g. mapping a host credential file into the agent home.
  • Decide whether interactive in-container login (device-code / OAuth flows run by the agent CLI itself) is a supported path, and what happens to tokens the agent writes inside the container (they die with the session unless persisted deliberately).
  • Guarantee credential material never appears in image layers, logs, --dry-run output, or docker inspect.

Acceptance Criteria

  • A per-adapter authentication support matrix is documented (API key / OAuth token file / in-container login: supported, unsupported, or planned).
  • File-based credentials can be injected via tmpfs and are deleted after agent start, matching [Phase 1] Inject credentials through tmpfs and delete them after startup #11 guarantees.
  • Missing or expired credentials produce an actionable error with exit code 4 (auth error) per the CLI UX spec.
  • No credential content is observable via logs, dry-run output, or container metadata.

References

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions