Skip to main content

almirant login

Authenticate an Almirant account by opening an OAuth flow in the browser. Once completed, the CLI stores the account in ~/.almirant/config.json for later commands.

Usage

almirant login [--api-url <url>] [--app-url <url>] [--name <name>]

What it does

  1. Resolves the API URL: --api-url, ALMIRANT_API_URL, or interactive prompt (default https://api.almirant.ai).
  2. Opens the browser to complete OAuth.
  3. Validates the generated API key against the server.
  4. Retrieves user information.
  5. Saves or updates the account in ~/.almirant/config.json with 600 permissions.
  6. Assigns a stable ID and local label.

Examples

# SaaS
almirant login

# Self-hosted
almirant login --api-url https://almirant.example.com/api

Configuration file

The current format supports multiple accounts:

{
  "defaultAccountId": "acc_abc123",
  "accounts": [
    {
      "id": "acc_abc123",
      "label": "local-m1pro",
      "apiKey": "alm_...",
      "apiBaseUrl": "https://almirant.example.com/api",
      "appBaseUrl": "https://almirant.example.com",
      "userName": "Juan Perez",
      "userEmail": "[email protected]"
    }
  ]
}
warning

~/.almirant/config.json contains API keys. The CLI writes it with 600 permissions; never commit it.

Multiple accounts

Run login once per instance or account. Then assign useful labels and select the active account:

almirant accounts list
almirant accounts rename 1 prod-saas
almirant accounts rename 2 local-m1pro
almirant use local-m1pro
almirant current

Generated configs from init and link use the account stable ID, not email, because the same email can exist in several instances.