MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-04-24 20:14:44 -07:00
Code Issues Packages Projects Releases Wiki Activity

Add enforcedAuthType setting (#6564)

Browse Source
This commit is contained in:
christine betts
2025-09-03 15:33:37 -07:00
committed by GitHub
parent 5cc23f0cd8
commit 987f08a619
10 changed files with 194 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/cli/enterprise.md
+14
View File
@@ -317,6 +317,20 @@ For auditing and monitoring purposes, you can configure Gemini CLI to send telem
**Note:** Ensure that `logPrompts` is set to `false` in an enterprise setting to avoid collecting potentially sensitive information from user prompts.
## Authentication
You can enforce a specific authentication method for all users by setting the `enforcedAuthType` in the system-level `settings.json` file. This prevents users from choosing a different authentication method. See the [Authentication docs](./authentication.md) for more details.
**Example:** Enforce the use of Google login for all users.
```json
{
"enforcedAuthType": "oauth-personal"
}
```
If a user has a different authentication method configured, they will be prompted to switch to the enforced method. In non-interactive mode, the CLI will exit with an error if the configured authentication method does not match the enforced one.
## Putting It All Together: Example System `settings.json`
Here is an example of a system `settings.json` file that combines several of the patterns discussed above to create a secure, controlled environment for Gemini CLI.