Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/kitephp/CLIProxyAPI-Tray/llms.txt

Use this file to discover all available pages before exploring further.

CLIProxyAPI requires a secret key (secret-key in config.yaml) to access its management API and WebUI. CLIProxyAPI Tray handles the initial password setup and provides a way to reset it without editing config.yaml manually.

Initial password setup

On the first Start (or any time the tray detects that secret-key is empty), the tray checks whether a password is already configured:
1

Read config.yaml

The tray reads config.yaml and looks for a non-empty value under remote-management.secret-key.
2

Prompt if empty

If secret-key is empty or missing, a password dialog appears asking you to enter a password. The input is masked.
3

Write to config.yaml

When you click OK, the tray writes the entered password to config.yaml under remote-management.secret-key and shows a “Password saved to config.yaml” balloon tip. CLIProxyAPI hashes the plaintext value on startup.
4

Abort if cancelled

If you click Cancel or close the dialog without entering a password, the start is aborted with a “Password not set. Start cancelled.” balloon tip.

Where the password is stored

The password is written as plaintext to config.yaml. CLIProxyAPI reads and hashes it on startup, so only the hash is ever held in memory. 
remote-management:
  allow-remote: false
  secret-key: "your-password-here"
All management requests — even those from localhost — require this key. Leave secret-key empty to disable the management API entirely (all /v0/management routes return 404).

Resetting the password

1

Open the tray menu

Right-click the tray icon to open the context menu.
2

Open Settings → Reset Password

Click Settings, then click Reset Password.
3

Enter the new password

A password dialog appears. Enter the new password and click OK.
4

Confirm the write

The tray writes the new value to config.yaml and shows a confirmation balloon tip.
5

Restart CLIProxyAPI

Click Restart from the tray menu. CLIProxyAPI must restart to pick up the new password from config.yaml.

Allowing remote access

By default, allow-remote: false restricts management endpoints to localhost only. To allow access from other machines on your network, edit config.yaml and set: 
remote-management:
  allow-remote: true
Enabling remote access exposes the management API to your network. Make sure your secret-key is a strong, unique password before enabling this option.

Troubleshooting

The tray asks for a password whenever secret-key is empty in config.yaml. This usually means the previous write failed.Check that config.yaml is writable by the current user. If the file is in a protected directory (such as Program Files), move the installation to a user-writable location, or manually set secret-key in config.yaml using a text editor with elevated permissions.The tray shows an error balloon tip if it cannot write to config.yaml.
CLIProxyAPI reads config.yaml only on startup. After resetting the password, click Restart from the tray menu to apply the change. The old password remains active until the service restarts.

Build docs developers (and LLMs) love

Get started for freeTalk to us