Skip to content
Operately Logo Operately Logo Operately Help Center

CLI authentication

The Operately CLI supports four ways to log in. All methods save credentials to a local profile so subsequent commands are authenticated automatically.

After logging in with any method, verify the session:

operately auth whoami

To check the current profile and base URL:

operately auth status

To remove the saved token from a profile:

operately auth logout

Log in#

Run the login command and follow the prompts:

operately auth login

The CLI will ask which method you want to use. The four options are:

  • API token — You provide a pre-created API token. Create a token in Operately first.
  • Email and password — You provide your email address and password.
  • Email verification code — You provide your email address; the CLI sends a one-time code to it and prompts you to enter it.
  • Google — The CLI opens a browser window for Google sign-in and waits for you to complete it.

Skip interactive steps with flags#

If you prefer, you can pass options as flags to avoid being prompted. The --method flag selects the login method directly:

# API token — pass the token directly and skip all prompts
operately auth login --token <your-token>

# Email and password — pass credentials as flags
operately auth login --method email-password --email you@example.com --password yourpassword

# Email code — pass email as a flag; the code prompt still appears
operately auth login --method email-code --email you@example.com

# Google — opens the browser; the browser confirmation step cannot be skipped
operately auth login --method google

The two interactive steps that can never be avoided are the browser confirmation for Google OAuth and entering the email verification code — both require a human action to complete.

Use another base URL#

If you are connecting to a self-hosted or staging environment, pass --base-url when you log in:

operately auth login --token <token> --base-url https://operately.example.com

If you do not set a base URL, the CLI defaults to:

https://app.operately.com

Profiles#

You can keep separate profiles for different environments:

# Production
operately auth login --token op_live_xxx

# Staging
operately auth login --token op_staging_xxx --profile staging --base-url https://staging.operately.com

# Local development
operately auth login --token op_local_xxx --profile local --base-url http://localhost:4000

Use a profile on any command:

operately auth whoami --profile staging
operately people get_me --profile local

Saved profiles are stored in:

~/.operately/config.json

Environment variables#

For scripts and CI, you can provide credentials through environment variables:

export OPERATELY_API_TOKEN=op_live_xxx
export OPERATELY_BASE_URL=https://app.operately.com
export OPERATELY_PROFILE=default

Resolution order#

When the CLI resolves authentication settings, it uses this order:

  1. Command flags
  2. Environment variables
  3. Saved profile values

That means command-line overrides such as --token, --base-url, and --profile always win.

Next step#

Once authentication is working, learn how to discover and run commands.