Configuration reference
All ~/.cori/config.toml keys and environment variables that control Cori's behavior.
Config file location
~/.cori/config.toml
Read and write values with cori config:
cori config get temporal.host
cori config set temporal.host temporal.mycompany.com:7233[temporal]
| Key | Type | Default | Description |
|---|---|---|---|
temporal.host | string | 127.0.0.1:7233 | Temporal gRPC endpoint. If unset and nothing serves this address, cori run auto-spawns a dev server. |
TODO: Confirm whether auto-spawning temporal server start-dev requires the temporal binary to be separately installed, or whether it is bundled with the Cori CLI.
[llm]
Configure LLM provider credentials. Keys are stored in the OS keychain; only the key names are stored in config.toml.
| Key | Description |
|---|---|
llm.openai.api_key | OpenAI API key |
llm.anthropic.api_key | Anthropic API key |
Additional providers follow the same pattern: llm.<provider>.api_key.
[remotes]
| Key | Type | Default | Description |
|---|---|---|---|
remotes.hosts | array of strings | ["github.com", "gitlab.com", "bitbucket.org"] | Allowed hosts for remote workflow refs. |
Environment variables
Environment variables override the config file.
| Variable | Overrides | Description |
|---|---|---|
CORI_TEMPORAL_TARGET | temporal.host | Temporal gRPC endpoint |
CORI_ASSUME_YES | — | Set to 1 to skip first-run consent prompts |
CORI_REAUTH_TIMEOUT_SECS | — | Timeout in seconds for re-authentication prompts |
CORI_DENO | — | Path to the Deno binary if not on PATH |
Credentials and secrets
Credentials (API keys, tokens) are stored in the OS keychain, not on disk. config.toml contains only key names and non-secret configuration. There is no general-purpose secrets vault in v1.
Never put credentials directly in config.toml — use cori config set which routes them to the keychain.