Stripe CLI keys and permissions

Learn about default Stripe CLI keys generated when you run "stripe login" and their permissions.

By default, you can use your account’s secret keys to perform any API request without restriction. When you run the stripe login command to authenticate to the Stripe CLI, the CLI generates a set of restricted keys for your account (one test mode, one live mode) that’re valid for 90 days.

About restricted keys

Unlike an API secret key, a restricted key generated by the Stripe CLI has restrictions on the API requests that it can perform. You can create new restricted keys in the Dashboard with different restrictions, or specify any API key using the --api-key flag.

Where keys are stored

The CLI stores the keys in the Restricted keys section on the API Keys page and your local machine in ~/.config/stripe/config.toml.

Where to find permissions

Use these steps to view the permissions associated with your restricted key:

Open the API keys page.
Scroll down to the Restricted keys section.
Hover over the info () icon next to your CLI key name to view permissions.

Specify an API key

Use the --api-key flag to specify your API secret key inline each time you send a request.

Command Line

stripe login --api-key sk_test_4eC39HqLyjWDarjtT1zdp7dc

Welcome to the Stripe Shell! Stripe Shell is a browser-based shell with the Stripe CLI pre-installed. Log in to your Stripe account and press Control + Backtick (`) on your keyboard to start managing your Stripe resources in test mode. - View supported Stripe commands: - Find webhook events: - Listen for webhook events: - Call Stripe APIs: stripe [api resource] [operation] (e.g., )