Skip to main content

NanoGPT CLI Device Login Integration Guide

This guide explains how to integrate device login into your CLI application so users can authenticate without embedding a browser.

Overview

The NanoGPT CLI device login flow works like the GitHub CLI or Claude Code login:
  1. Your CLI requests a login code from NanoGPT.
  2. User opens a URL in their browser and signs in.
  3. User approves the CLI access.
  4. Your CLI receives an API key (sk-nano-...).

Step 1: Start the login flow

Make a POST request to initiate login:

Request body

Response

Step 2: Direct the user to approve

Display the verification_uri_complete URL to the user. They should open it in their browser. Example output in your CLI:
When the user opens the URL:
  1. They sign in with their NanoGPT account (Google, Discord, etc.).
  2. They see the verification code and click “Approve”.
  3. They can close the browser and return to the CLI.

Step 3: Poll for approval

Poll the status endpoint until you receive the API key:

Response codes

Polling example (bash)

Step 4: Use the API key

Once you have the API key, use it for all NanoGPT API requests. List available models:
Chat completions (OpenAI-compatible):

Complete integration example

API key management

  • API keys created through this flow are named CLI (<client_name>) in the user’s account.
  • Users can view and revoke keys at https://nano-gpt.com/api.
  • If the same client_name is used multiple times, the existing key is reused.
  • Keys do not expire unless manually revoked.

Error handling

Security best practices

  1. Store the API key securely (OS keychain, encrypted config, or secure credential storage).
  2. Never log or display the device_code.
  3. Handle key revocation by prompting the user to re-authenticate on 401s.
  4. Use HTTPS only (https://nano-gpt.com).

Rate limits

Summary