Authentication

Authenticate with the Nullify CLI using browser-based login or API tokens

Interactive Login

For interactive usage, the CLI opens your browser to authenticate directly with your identity provider:

nullify auth login --host api.<TENANT>.nullify.ai

This will:

  1. Open your browser to authenticate with your identity provider (GitHub, Azure, Okta, etc.)

  2. Redirect back to the CLI automatically once authenticated

  3. Store the credentials locally at ~/.nullify/credentials.json

Auth Commands

Check login status

nullify auth status

View current token

nullify auth token

Switch between hosts

nullify auth switch --host api.<OTHER-TENANT>.nullify.ai

Log out

View configuration

CI/CD Usage

For non-interactive environments (CI/CD pipelines, scripts), use token-based authentication:

Using a Nullify API Token

Or set via environment variable:

Using a GitHub Token

Or set via environment variable:

Token Precedence

The CLI resolves authentication in this order:

  1. --nullify-token flag

  2. NULLIFY_TOKEN environment variable

  3. --github-token flag (exchanged for Nullify token)

  4. GITHUB_TOKEN environment variable (exchanged for Nullify token)

  5. Stored credentials from nullify auth login

Credential Storage

Credentials are stored at ~/.nullify/credentials.json with file permissions 0600 (owner read/write only). The file contains:

  • Access token

  • Refresh token

  • Token expiry time

  • Host configuration

Tokens are automatically refreshed when they expire.
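
To confirm that a stored credentials file still matches the properties described above (for example after restoring a home directory from backup), the following check can be used. It is an added example, not part of the Nullify CLI: check_cred_file and its helpers are hypothetical names, and the symlink rejection is an extra conservative check that the CLI documentation does not state.

```bash
# Added example: audit the Nullify CLI credentials file.
# check_cred_file is a hypothetical helper, not a nullify subcommand.

# Print the octal permission bits of $1 (GNU stat first, then BSD/macOS stat).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Print the numeric owner uid of $1.
file_uid() {
  stat -c '%u' "$1" 2>/dev/null || stat -f '%u' "$1"
}

# Return 0 if the file is a regular file, mode 600, owned by the caller.
check_cred_file() {
  local path="${1:-$HOME/.nullify/credentials.json}"
  local rc=0 mode
  # Extra check added here (assumption): refuse symlinks, because the mode
  # of the link target is what matters and it may live somewhere shared.
  if [ -L "$path" ]; then
    echo "FAIL: $path is a symlink" >&2
    return 1
  fi
  if [ ! -f "$path" ]; then
    echo "FAIL: $path is missing or not a regular file" >&2
    return 1
  fi
  mode="$(file_mode "$path")"
  if [ "$mode" != "600" ]; then
    echo "FAIL: mode is $mode, expected 600 (fix: chmod 600 '$path')" >&2
    rc=1
  fi
  if [ "$(file_uid "$path")" != "$(id -u)" ]; then
    echo "FAIL: $path is not owned by uid $(id -u)" >&2
    rc=1
  fi
  if [ "$rc" -eq 0 ]; then
    echo "OK: $path is a regular file, mode 600, owned by uid $(id -u)"
  fi
  return "$rc"
}
```

Source the file and run check_cred_file; with no argument it checks ~/.nullify/credentials.json, and a non-zero exit status means the access and refresh tokens in the file should be treated as exposed to other local users.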
