Alibaba Cloud Linux 4 Agentic Edition offers multiple authentication methods, model switching, and hierarchical configuration management, providing flexible configuration options. - Alibaba Cloud Linux

Alibaba Cloud Linux 4 Agentic Edition (Agentic OS) uses a hierarchical configuration system to manage settings for authentication, models, and tools, which can be overridden by project-level and user-level configuration files. This document describes three authentication methods: API key, Qwen login, and Alibaba Cloud AK/SK. It also explains how to switch models and details the precedence hierarchy and core settings for configuration files.

Authentication methods

When you start Agentic OS for the first time, it requires authentication to connect to large language model services. You can use the /auth command to switch authentication methods later.

Agentic OS currently supports three authentication methods.

API key (OpenAI-compatible endpoints)

In the interactive interface, select "OpenAI" and provide an API key and a base URL. Supported OpenAI-compatible endpoints include:

Model services from various cloud providers
Locally deployed models, such as vLLM and Ollama
Third-party API proxy services

Qwen login

Log in with your qwen.ai account. In the interactive interface, select "Qwen OAuth (Free)". The terminal then displays an authorization URL and a QR code. Open the URL in a browser or scan the QR code with your phone to complete the qwen.ai login and grant authorization.

Alibaba Cloud AK/SK

In the interactive interface, select "Alibaba Cloud AK/SK" to authenticate with your Alibaba Cloud AccessKey. This method provides a free usage quota.

Obtain an AK/SK:

Log in to the Alibaba Cloud console.
Create a key on the AccessKey management page.

Authentication with an Alibaba Cloud AK/SK provides a free usage quota, making it suitable for personal development and testing.

⚠️Note: The Alibaba Cloud AK/SK authentication method supports only Qwen-series text models and does not support multimodal models.

Authentication management

Operation	Command
View current authentication status	`/auth`
Switch authentication method	`/auth` (select from the interactive menu)
Log out	`/auth logout`

Troubleshooting: If authentication fails, verify that your API key is correct (with no leading or trailing spaces) and that your network can access the corresponding API endpoint. You can switch to the bash command line with /bash and run co --debug to view detailed error messages. Agentic OS supports configuring multiple authentication methods simultaneously. The system selects one based on priority, but you can also switch manually using the /auth command.

Model configuration

Switch models

Use the /model command to switch the model for the current session:

> /model
# A list of available models appears. Select the target model.

Configuration files

Interactive configuration

Use the /setting command to open an interactive interface where you can modify most settings.

Configuration hierarchy and precedence

The Agentic OS System Shell entrypoint, cosh, uses JSON-formatted configuration files to manage settings. Settings are applied in the following order of precedence, from highest to lowest:

command-line arguments > environment variables > project settings > user settings > default values

Configuration file locations

Type	Path	Description
user settings	`~/.copilot/settings.json`	Personal global configuration.
project settings	`.copilot/settings.json` (in the project root directory)	Project-specific configuration that can be shared with a team.

Core configuration items

general — General settings

Parameter	Type	Default	Description
`preferredEditor`	string	—	The editor to use for opening files.
`vimMode`	boolean	false	Enables Vim key bindings.
`enableAutoUpdate`	boolean	true	Automatically checks for updates.
`checkpointing.enabled`	boolean	false	Enables session checkpoints.
`defaultFileEncoding`	string	"utf-8"	The default file encoding.

model — Model settings

Parameter	Type	Default	Description
`name`	string	—	The name of the model to use.
`maxSessionTurns`	number	-1	The maximum number of turns in a conversational session.
`chatCompression.contextPercentageThreshold`	number	0.7	The threshold at which chat context is compressed.

tools — Tool settings

Parameter	Type	Default	Description
`approvalMode`	string	"default"	Defines when user approval is required for tool execution.
`sandbox`	boolean/string	—	Specifies the sandbox environment for tool execution.
`core`	array	—	Specifies the list of enabled tools (the whitelist).
`exclude`	array	—	A list of explicitly excluded tools.
`allowed`	array	—	Tools that do not require approval.

context — Context settings

Parameter	Type	Default	Description
`fileName`	string/array	"COPILOT.md"	The name of the context file.
`includeDirectories`	array	—	Additional directories to include in the context.
`fileFiltering.respectGitIgnore`	boolean	true	Specifies whether to respect rules in .gitignore files.

security — Security settings

Parameter	Type	Description
`folderTrust.enabled`	boolean	Enables or disables the folder trust mechanism.
`auth.selectedType`	string	The currently selected authentication method.
`auth.enforcedType`	string	Specifies a mandatory authentication method that overrides user selection.