Forkr can store a personal developer profile in the dashboard and sync it into a project user’s shared home directory. Use this when you want Codex, Claude Code, or other coding agents to be authenticated every time you work inside a box. The profile is scoped to your dashboard user and Forkr profile. When you sync it, Forkr writes managed files under /home/<user> for the selected project user. That home directory is shared by every box in the project and survives box deletion.
This is different from writing credentials into /root. Root’s home lives in the box root filesystem and is deleted with the box. A project user’s /home/<user> is project-scoped persistent state.

What gets synced

The dashboard sync writes these files into the target project user’s home:
PurposePath
Managed environment variables~/.config/forkr/profile.env
Managed shell startup file~/.config/forkr/profile.sh
Codex auth~/.codex/auth.json
Codex config~/.codex/config.toml
Claude Code credentials~/.claude/.credentials.json
Claude Code settings~/.claude/settings.json
Claude Code global state~/.claude.json
Forkr also adds this managed block to both ~/.bashrc and ~/.profile: 
# >>> forkr managed profile >>>
[ -f "$HOME/.config/forkr/profile.sh" ] && . "$HOME/.config/forkr/profile.sh"
# <<< forkr managed profile <<<
Auth files are written with 0600 permissions.

Configure the profile

Open the dashboard and go to Settings → Developer profile.
  1. Set Default project user, for example alice.
  2. Add non-secret environment variables under Environment:
EDITOR=vim
GIT_EDITOR=vim
  1. Add secret environment variables under Secret environment:
ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-...
  1. Paste any agent auth files you want Forkr to manage:
    • Codex auth.json for ~/.codex/auth.json
    • Codex config.toml for ~/.codex/config.toml
    • Claude credentials.json for ~/.claude/.credentials.json
    • Claude settings.json for ~/.claude/settings.json
    • Claude .claude.json for ~/.claude.json
  2. Click Save profile.
Secret values are stored server-side and are not returned to the browser after saving. The dashboard only shows whether a secret or auth file is configured.

Sync into a box

After saving the profile, sync it into a running box from the same Settings card:
  1. Enter the project name.
  2. Enter a running box name.
  3. Enter the project user, or leave it as the default user.
  4. Click Sync.
Forkr creates the project user if needed, then writes the managed files into that user’s shared home. Open a shell as that user: 
4kr console --user alice my-box
Then check that the agent sees the expected auth: 
codex
claude
For a scripted check, source the managed profile: 
4kr exec --user alice my-box -- bash -lc '. ~/.config/forkr/profile.sh && env | grep -E "ANTHROPIC|OPENAI"'
Interactive shells source ~/.bashrc or ~/.profile. For non-interactive 4kr exec commands, source ~/.config/forkr/profile.sh when you need the managed environment in that command.

Codex

Codex reads its login state from ~/.codex/auth.json. To use a dashboard-managed Codex login inside boxes:
  1. Sign in to Codex on a machine where browser login works.
  2. Copy the contents of your local ~/.codex/auth.json.
  3. Paste it into Codex auth.json in the dashboard developer profile.
  4. Sync the profile into the project user.
  5. Run Codex as that user inside the box.
4kr console --user alice my-box
cd /work
codex
If you also have Codex preferences, paste your ~/.codex/config.toml into Codex config.toml.
Treat auth.json like a password. Anyone who can read it can use that login until it expires or is revoked.

Claude Code

Claude Code can authenticate with its native credential files or with environment variables. For native Claude Code auth:
  1. Sign in to Claude Code where browser login works.
  2. Copy the relevant Claude files:
    • ~/.claude/.credentials.json
    • ~/.claude/settings.json, if you use one
    • ~/.claude.json, if needed
  3. Paste them into the matching dashboard fields.
  4. Sync the profile into the project user.
  5. Run Claude Code as that user inside the box.
4kr console --user alice my-box
cd /work
claude
For API-key based Claude Code auth, add a secret environment variable instead: 
ANTHROPIC_API_KEY=sk-ant-...
Then source the managed profile in non-interactive commands: 
4kr exec --user alice my-box -- bash -lc '. ~/.config/forkr/profile.sh && claude --help'

Rotating or removing credentials

To replace a credential:
  1. Paste the new value into the matching dashboard field.
  2. Click Save profile.
  3. Sync the profile again.
To remove a stored auth file, click the delete button for that field, then sync again. To remove a synced file from an existing home directory immediately, delete it inside the box: 
4kr exec --user alice my-box -- bash -lc 'rm -f ~/.codex/auth.json ~/.claude/.credentials.json'

When to use 4kr inject

4kr inject is still useful for one-off root credentials in a specific box. The dashboard developer profile is better when you want repeatable, project-user based auth that survives box deletion and works across boxes in the same project.

Development

Connect editors and agents to boxes.

Environment

Understand project users, /home, PATH, and shell startup behavior.