login & logout

The CLI authenticates against the hosted control plane (inth.com) so it can manage your projects, fetch configuration, and call protected APIs. Self-hosted users do not need to log in.

login

pnpm dlx @c15t/cli login

The CLI uses the OAuth device flow:

1. Opens your browser to the verification URL.
2. Displays a short user code to confirm the device.
3. Polls for the access token and stores it locally once you approve.

Tokens are cached in your OS config directory and refreshed automatically.

logout

pnpm dlx @c15t/cli logout

Clears all stored credentials. Run this if you're switching accounts, working on a shared machine, or rotating credentials.

Already logged in?

If you're already logged in, login reports your current email and asks whether you want to switch accounts. Pass --force to skip the prompt.

Where credentials live

Tokens are written to a single JSON file under your home directory:

• Unix / macOS: ~/.c15t/config.json
• Windows: %USERPROFILE%\.c15t\config.json

The CLI resolves the location with os.homedir() plus the .c15t config directory and writes the file with mode 0o600 (owner read/write only). The implementation lives in packages/cli/src/auth/config-store.ts and the schema is C15tConfig in packages/cli/src/auth/types.ts.

Never commit config.json or copy it into containers — it holds the access token, refresh token, and your last-selected project ID.