Manage the routes that tell cordon which hosts to intercept and what credentials to inject.
cordon route add
Add a new route. With no flags, launches an interactive wizard that prompts for host, route name, auth type, secret source, and source-specific fields.
Non-interactive mode
Pass flags to skip the wizard. Requires --host, --auth-type, and --source:
cordon route add --host api.stripe.com --auth-type bearer --source keyring --account stripe-key
| Flag | Description |
|---|
--host | Hostname to match (e.g. api.stripe.com) |
--name | Route name (defaults to derived from host) |
--auth-type | bearer, basic, or api_key |
--source | 1password or keyring |
--vault | 1Password vault name (requires --source 1password) |
--item | 1Password item name (requires --source 1password) |
--field | 1Password field name (requires --source 1password) |
--account | Keyring account name (requires --source keyring) |
--username | Username (requires --auth-type basic) |
--header-name | Custom header name (requires --auth-type api_key, defaults to Authorization) |
--config | Path to cordon.toml |
Examples
# Interactive — wizard prompts for everything
cordon route add
# Bearer auth with keyring
cordon route add --host api.openai.com --auth-type bearer --source keyring --account openai
# API key auth with 1Password
cordon route add --host api.anthropic.com --auth-type api_key --header-name x-api-key \
--source 1password --vault Engineering --item "Anthropic API Key" --field credential
# Basic auth with keyring
cordon route add --host db.example.com --auth-type basic --username admin \
--source keyring --account db-password
# Custom route name
cordon route add --host api.stripe.com --name stripe-live \
--auth-type bearer --source keyring --account stripe-live-key
After adding a keyring-backed route, store the secret with cordon secret set <route-name>. 1Password routes don’t need this step — credentials are fetched from 1Password directly.
cordon route list
List all configured routes.
cordon route list [--config path/to/cordon.toml]
| Option | Description |
|---|
--config | Path to cordon.toml |
cordon route show
Show details of a single route.
cordon route show <name> [--config path/to/cordon.toml]
| Argument / Option | Description |
|---|
<name> | Route name to show |
--config | Path to cordon.toml |
cordon route remove
Remove a route by name.
cordon route remove <name> [--yes] [--config path/to/cordon.toml]
| Argument / Option | Description |
|---|
<name> | Route name to remove |
--yes, -y | Skip confirmation prompt |
--config | Path to cordon.toml |
