Documentation Index
Fetch the complete documentation index at: https://docs.coconut.dev/llms.txt
Use this file to discover all available pages before exploring further.
Documentation Index
Fetch the complete documentation index at: https://docs.coconut.dev/llms.txt Use this file to discover all available pages before exploring further.
Security
Configure how each Coconut instance authenticates
Security configuration
Per-instance security settings are edited on the Configuration tab for each Coconut in the dashboard (for example,/admin/coconuts/<id>).
Two authentication controls are grouped on that tab:
API Key Configuration
The API key authenticates control-plane requests from the Coconut Dashboard to the Coconut instance. It is stored encrypted at rest and is required for orchestration, integrations, and instance-level features to work end-to-end. The Effective auth mode banner above this section reflects whether requests will succeed (Using API key) or fail (No auth configured).
OAuth Client Configuration
Each Coconut instance gets its own dedicated OAuth client, registered automatically when an AWS-provisioned Coconut comes online. That client drives the Continue with Clerk SSO control on the instance login screen and is distinct from the API key, which covers control-plane authentication. The card shows the Client ID, the management endpoint (RFC 7592 registration URI when available), whether a registration access token is stored, and the deletion path used at deprovision (RFC 7592 vs. Backend API fallback). OAuth clients are only created for AWS-provisioned instances; other providers rely on API key authentication. Instances provisioned before OAuth support may show a Register OAuth Client action on the same card to create the client and surface a one-time SSH snippet for the VM.