Authentication

Overview

C3 uses username and password authentication to secure communication between the mobile app and your backend server. This prevents unauthorized access to your coding sessions.

When you set credentials on your backend, the mobile app must use the same credentials to connect. This ensures only you can access your development machine.

When Required

Authentication is always required. C3 will not start without a username and password configured. This ensures your development machine is protected from unauthorized access.

Configuration

Set your credentials when starting the C3 backend:

Using CLI Flags

ccc --username myusername --password mypassword

# Short form
ccc -u myusername -p mypassword

Using Environment Variables

export CCC_USERNAME=myusername
export CCC_PASSWORD=mypassword
ccc

Mobile App Setup

The mobile app needs the same credentials to connect to your backend. There are two ways to configure this:

Option 1: QR Code (Recommended)

When you start C3 with credentials, the QR code displayed in the terminal includes your authentication details. Simply scan the QR code in the mobile app to automatically configure everything.

Option 2: Manual Entry

When creating or editing a server profile in the mobile app:

1. Go to Settings → Server Profiles
2. Create a new profile or edit an existing one
3. Enter the same username and password you used on the backend
4. Save the profile

Best Practices

• Use strong passwords: 12+ characters with mixed case, numbers, and symbols
• Use environment variables: Keep credentials out of command history
• Unique credentials: Don't reuse passwords from other services
• Rotate periodically: Change passwords if you suspect they may be compromised
• Secure your QR code: Don't share screenshots of your QR code as it contains your credentials