Authentication
The Operately CLI uses API tokens to authenticate requests.
Create an API token#
Before you log in with the CLI, create an API token in Operately and copy it from the confirmation modal.
Log in#
Save a token to your default profile:
operately auth login --token <your-token>
After logging in, verify which account the CLI is using:
operately auth whoami
You can inspect the current profile and base URL at any time:
operately auth status
To remove the saved token from a profile:
operately auth logout
Use another base URL#
If you are connecting to a self-hosted or staging environment, pass --base-url when you log in:
operately auth login --token <token> --base-url https://operately.example.com
If you do not set a base URL, the CLI defaults to:
https://app.operately.com
Profiles#
You can keep separate profiles for different environments:
# Production
operately auth login --token op_live_xxx
# Staging
operately auth login --token op_staging_xxx --profile staging --base-url https://staging.operately.com
# Local development
operately auth login --token op_local_xxx --profile local --base-url http://localhost:4000
Use a profile on any command:
operately auth whoami --profile staging
operately people get_me --profile local
Saved profiles are stored in:
~/.operately/config.json
Environment variables#
For scripts and CI, you can provide credentials through environment variables:
export OPERATELY_API_TOKEN=op_live_xxx
export OPERATELY_BASE_URL=https://app.operately.com
export OPERATELY_PROFILE=default
Resolution order#
When the CLI resolves authentication settings, it uses this order:
- Command flags
- Environment variables
- Saved profile values
That means command-line overrides such as --token, --base-url, and --profile always win.
Next step#
Once authentication is working, learn how to discover and run commands.