cargo login: Usage, Options & Common CI Errors
Save an API token for crates.io publishing.
cargo login saves a registry authentication token to the credentials file so later cargo publish calls can upload. In CI you usually skip it and pass the token via environment variable instead.
What it does
Writes the supplied token into $CARGO_HOME/credentials.toml. cargo publish then reads it automatically. Without an argument it reads the token from stdin interactively.
Common usage
cargo login # prompt for token
cargo login --registry my-registry # named registry
# CI-friendly: skip login, set the env var instead
export CARGO_REGISTRY_TOKEN="${{ secrets.CRATES_TOKEN }}"
cargo publishCommon CI error: token printed to logs
Passing the token as a positional argument (cargo login <token>) can leak it into CI logs and process listings. Fix: prefer the CARGO_REGISTRY_TOKEN environment variable (a GitHub Actions secret), which cargo publish reads directly - no cargo login step needed.
Options
| Flag | Effect |
|---|---|
| --registry <name> | Log in to a named registry |
| <token> | Token argument (avoid in CI) |