fix: don't create new api keys each time we do workspace polling

fioan89 · fioan89 · commit 25df5d9ac725 · 2025-09-05T22:34:59.000+03:00
The default behavior for `coder login --token &lt;token&gt;` is to:
- use the provided token temporarily to authenticate the login process
- generate a new session token and stores that for future CLI use
- the original token provided is not stored or reused

The Coder `Recent projects` view polls every 5 seconds for workspaces from
multiple Coder deployment. The polling process also involves a call
to the `cli.login`. The cli is later used start workspaces if user clicks on
a project for which the workspace is stopped. Instead of generating a new token
each time we login we can use the `coder login --use-token-as-session --token &lt;token&gt;` which:
- uses the provided token directly as the session token
- stores the original token for future CLI commands
- no new token is generated
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,10 @@
 
 ## Unreleased
 
+### Fixed
+
+- api keys are no longer created each time workspaces are polled
+
 ## 2.22.1 - 2025-07-30
 
 ### Added
diff --git a/src/main/kotlin/com/coder/gateway/cli/CoderCLIManager.kt b/src/main/kotlin/com/coder/gateway/cli/CoderCLIManager.kt
@@ -288,6 +288,7 @@ class CoderCLIManager(
         return exec(
             "login",
             deploymentURL.toString(),
+            "--use-token-as-session",
             "--token",
             token,
             "--global-config",
