auth
Authenticate with Sentry
Commands
Section titled “Commands”sentry auth login
Section titled “sentry auth login”Authenticate with Sentry
Options:
| Option | Description |
|---|---|
--token <token> | Authenticate using an API token instead of OAuth |
--timeout <timeout> | Timeout for OAuth flow in seconds (default: 900) |
--force | Re-authenticate without prompting |
sentry auth logout
Section titled “sentry auth logout”Log out of Sentry
sentry auth refresh
Section titled “sentry auth refresh”Refresh your authentication token
Options:
| Option | Description |
|---|---|
--force | Force refresh even if token is still valid |
sentry auth status
Section titled “sentry auth status”View authentication status
Options:
| Option | Description |
|---|---|
--show-token | Show the stored token (masked by default) |
-f, --fresh | Bypass cache, re-detect projects, and fetch fresh data |
sentry auth token
Section titled “sentry auth token”Print the stored authentication token
sentry auth whoami
Section titled “sentry auth whoami”Show the currently authenticated user
Options:
| Option | Description |
|---|---|
-f, --fresh | Bypass cache, re-detect projects, and fetch fresh data |
All commands support --json for machine-readable output and --fields to select specific JSON fields.
Examples
Section titled “Examples”OAuth login (recommended)
Section titled “OAuth login (recommended)”sentry auth login- A URL and device code will be displayed
- Open the URL in your browser
- Enter the code when prompted
- Authorize the application
- The CLI automatically receives your token
Token login
Section titled “Token login”sentry auth login --token YOUR_SENTRY_API_TOKENSelf-hosted Sentry
Section titled “Self-hosted Sentry”SENTRY_URL=https://sentry.example.com sentry auth loginFor token-based auth with self-hosted:
SENTRY_URL=https://sentry.example.com sentry auth login --token YOUR_TOKENSee Self-Hosted Sentry for details.
Logout
Section titled “Logout”sentry auth logoutRefresh token
Section titled “Refresh token”sentry auth refreshPrint stored token
Section titled “Print stored token”sentry auth tokenCheck auth status
Section titled “Check auth status”sentry auth statusAuthenticated as: usernameOrganization: my-orgToken expires: 2024-12-31# Show the raw tokensentry auth status --show-token
# View current usersentry auth whoamiCredential Storage
Section titled “Credential Storage”Auth tokens are stored in a SQLite database at ~/.sentry/cli.db with restricted file permissions.
Token Precedence
Section titled “Token Precedence”By default, the CLI checks for auth tokens in the following order:
- The stored OAuth token in the SQLite database (from
sentry auth login) SENTRY_AUTH_TOKENenvironment variableSENTRY_TOKENenvironment variable (legacy alias)
The stored OAuth token takes priority because it supports automatic refresh. To override this and force environment tokens to win, set SENTRY_FORCE_ENV_TOKEN=1.
When a token comes from an environment variable, the CLI skips expiry checks and automatic refresh.