Pipecat Cloud accounts are issued a personal workspace where you can deploy agents independently. User workspaces are unique and isolated from one another, making them unsuitable for collaboration.

Authentication

Before you can issue any commands via the CLI, you must authenticate with your Pipecat Cloud account. 
pcc auth login
This command will open a browser window and prompt you to authenticate with your Pipecat Cloud account. You can verify a login was successful by running the whoami command: 
pcc auth whoami
You can sign out of your account by running the following: 
pcc auth logout
Credentials Access tokens are stored locally on your device at ~/.config/pipecatcloud/pipecatcloud.toml. You can override the default location by setting the PIPECAT_CONFIG_PATH environment variable. If you need to revoke access to your account, please sign out of the Pipecat Cloud dashboard to invalidate your access token.

Organizations

Working as part of a team requires creating an organization. Organizations are multi-tenant workspaces that enable collaboration on deployments.
  • Billing and integrations are managed at the organization level.
  • Agents and secrets are shared across the organization, with varying roles and privileges.
  • Organizations have dedicated access tokens for initializing agent instances.
During the beta phase, deployments cannot be shared or moved between organizations or user accounts. If you plan to collaborate with others, we recommend creating a new organization.

Creating organizations

Organization creation must be done via the Pipecat Cloud dashboard.

Inviting accounts to your organization

While in beta you must know the account name of a given Pipecat Cloud user in order to invite them. We will add support for inviting users via email in the future. You can obtain your account name by running pcc auth whoami.

Working with organizations

You can get a list of available organizations that your account is a member of by running the following: 
pcc organizations list
You can switch to a different organization by running the following: 
pcc organizations select
Switching organizations will target all CLI commands to the selected organization. For example, pcc deploy will issue the deployment request to your select organization. Alternatively, you issue commands with the optional --org flag, for example: 
pcc deploy my-agent image-name --org my-organization

API keys

Pipecat Cloud requires using an API key for some CLI commands or interfacing via the REST API. API keys are issued at the user workspace and organization level. You can create up to 5 private and 5 public API keys for different agents / purposes.

Private API keys

Used to authenticate with private REST API endpoints. Private API keys are typically used for administrative tasks and should not be shared or used by end-user applications. Examples of where you may want to use private API keys include:
  • Managing organizations and users via the REST API
  • Server-to-server deployment scripts
  • GitHub actions
You should not share your private API key with anyone.

Public API keys

Public API keys are suitable for CLI usage for commands that could be invoked by end-user actions on the platform. Examples of where you may want to use public API keys include:
  • Starting an agent instance (via the CLI or REST API)
  • Server-to-server end-user applications
  • Client-side while developing / iterating
Public API keys allow starting new agent processes, so while they are generally safe to share, you should still be cautious to avoid malicious use (i.e. triggering your account rate limit.) We recommend keeping your public API key server-side and not sharing it in public repositories.

Managing API keys

You can create, cycle, revoke or delete API keys via the Pipecat Cloud dashboard and CLI. 
# Create a new API key
pcc organizations keys create

# List available keys
pcc organizations keys list
When using the CLI, you can specify a default API key to use for all commands that require it: 
pcc organizations keys use
Selecting a key will modify your local configuration file and use it for all subsequent commands. Please be aware that if the key is cycled or revoked, you will need to run the keys use command again to update your local configuration file with a new key.