crabbox logout clears the stored broker token from your user config so the CLI
no longer authenticates to the broker.
crabbox logout
crabbox logout --jsonLogout edits only the user config file (the path printed by
crabbox config path). It clears both token fields the broker
reads:
- the broker section's
token, and - the top-level
coordinatorToken.
Everything else is left in place:
- the broker
urlandprovider, so a latercrabbox logincan reuse the configured endpoint; - the broker admin token (
broker.adminToken), if one is stored — logout does not touch it; - per-lease SSH keys, repo claims, and recorded run history.
On success it prints:
logged out config=/path/to/config.yaml broker_auth=missing
With --json it emits the resolved config path and the new auth state:
{ "config": "/path/to/config.yaml", "brokerAuth": "missing" }| Flag | Description |
|---|---|
--json |
Print machine-readable JSON. |
- Broker-backed commands such as
crabbox whoami,crabbox run, andcrabbox warmupfail to authenticate against the broker because no token is sent. Re-runcrabbox login(orcrabbox login --token-stdin) to restore access. - Direct-provider mode keeps working when local provider credentials are present
(for example AWS SDK credentials or
HCLOUD_TOKEN), since direct mode talks to the cloud API and does not need a broker token.
- A token has leaked or you want to rotate it.
- You are switching the operator identity on a shared workstation.
- You are exercising the unauthenticated path.
To remove everything — broker URL, provider, both tokens, and profile defaults — edit the user config file directly.