diff --git a/.gitignore b/.gitignore
index 1dd4285b..aa6f4ee9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,7 +3,7 @@ arduino-cloud-cli
 arduino-cloud-cli.exe
 
 # Configuration file
-config.yaml
+arduino-cloud-credentials.*
 
 # Provisioning binaries and metadata
 firmware/binaries
diff --git a/internal/iot/client.go b/internal/iot/client.go
index fc82c268..c8e77588 100644
--- a/internal/iot/client.go
+++ b/internal/iot/client.go
@@ -353,8 +353,13 @@ func (cl *Client) DashboardDelete(id string) error {
 }
 
 func (cl *Client) setup(client, secret, organization string) error {
+	baseURL := "https://api2.arduino.cc"
+	if url := os.Getenv("IOT_API_URL"); url != "" {
+		baseURL = url
+	}
+
 	// Get the access token in exchange of client_id and client_secret
-	tok, err := token(client, secret)
+	tok, err := token(client, secret, baseURL)
 	if err != nil {
 		err = fmt.Errorf("cannot retrieve token given client and secret: %w", err)
 		return err
@@ -367,6 +372,7 @@ func (cl *Client) setup(client, secret, organization string) error {
 	if organization != "" {
 		config.DefaultHeader = map[string]string{"X-Organization": organization}
 	}
+	config.BasePath = baseURL + "/iot"
 	cl.api = iotclient.NewAPIClient(config)
 
 	return nil
diff --git a/internal/iot/token.go b/internal/iot/token.go
index 883bc11d..dd369c04 100644
--- a/internal/iot/token.go
+++ b/internal/iot/token.go
@@ -27,7 +27,7 @@ import (
 	cc "golang.org/x/oauth2/clientcredentials"
 )
 
-func token(client, secret string) (*oauth2.Token, error) {
+func token(client, secret, baseURL string) (*oauth2.Token, error) {
 	// We need to pass the additional "audience" var to request an access token
 	additionalValues := url.Values{}
 	additionalValues.Add("audience", "https://api2.arduino.cc/iot")
@@ -35,9 +35,10 @@ func token(client, secret string) (*oauth2.Token, error) {
 	config := cc.Config{
 		ClientID:       client,
 		ClientSecret:   secret,
-		TokenURL:       "https://api2.arduino.cc/iot/v1/clients/token",
+		TokenURL:       baseURL + "/iot/v1/clients/token",
 		EndpointParams: additionalValues,
 	}
+
 	// Get the access token in exchange of client_id and client_secret
 	t, err := config.Token(context.Background())
 	if err != nil && strings.Contains(err.Error(), "401") {