Links

Best practices

Set your personal access token as an environment variable

Your Specify personal access token must always be private. We highly recommend you to set it in a private environement variable or in a .env file.

Using an .env file in a JavaScript config file

.env
SPECIFY_TOKEN=ab83f8f49f5c65456c7b1fe70efbc804aa08f87150214aa984d4125945ed8283bash
ESM
CommonJS
.specifyrc.mjs
import path from 'node:path';
import process from 'node:process';
import dotenv from 'dotenv';
dotenv.config({
path: path.resolve(process.cwd(), '.env.specify-cli'),
});
export default {
version: '2',
repository: '@workspace/repository',
personalAccessToken: process.env.SPECIFY_TOKEN,
rules: [],
};
.specifyrc.cjs
const path = require('path');
const envFile = '.env';
require('dotenv').config({ path: path.resolve(process.cwd(), envFile) });
module.exports = {
version: '2',
repository: '@workspace/repository',
personalAccessToken: process.env.SPECIFY_TOKEN,
rules: [],
};

Using the --personal-access-token CLI flag

You can inject your personal access token through the --personal-access-token, -p CLI flag.
specify pull -p $SPECIFY_TOKEN
You can use this method to sync Specify with git repositories in GitLab, GitHub, Azure DevOps or Bitbucket.