rpk ai oauth-client dcr update
Update the tenant’s DCR settings. Only the flags you pass change; everything else keeps its current value (the CLI reads the current settings and writes back the merged result).
Enable open self-registration:
rpk ai oauth-client dcr update --enabled --admission-mode open
Require admin-minted Initial Access Tokens instead:
rpk ai oauth-client dcr update --admission-mode initial-access-token
Turn the endpoint off again:
rpk ai oauth-client dcr update --enabled=false
Flags
| Value | Type | Description |
|---|---|---|
|
string |
how callers are admitted: open, initial-access-token. |
|
strings |
MCP URL every DCR-issued client may request tokens for; "*" = any. repeatable. |
|
int32 |
max concurrent DCR-issued clients (0 = runtime default). |
|
- |
whether the public registration endpoint accepts requests. |
|
- |
help for update. |
|
int32 |
days of inactivity before a DCR client is removed (0 = never). |
|
int32 |
max registrations per hour (0 = runtime default). |
|
string |
output format: table|wide|json|yaml|markdown (env: RPAI_FORMAT) (default "table"). |
|
- |
disable colored output (env: NO_COLOR). |
|
string |
path to rpai config (env: RPAI_CONFIG) (default "/var/lib/redpanda/.rpai/config"). |
|
string |
override the selected environment’s AI Gateway URL for this invocation. |
|
string |
rpai profile name (env: RPAI_PROFILE). |
|
- |
verbose debug logging to stderr (env: RPAI_VERBOSE). |
|
string |
static bearer token override (ambient RPAI_TOKEN is ignored under rpk ai). |