Skip to main content

Temporal CLI cloud login command reference

View Markdown

Authenticate with Temporal Cloud using browser-based OAuth login.

This command opens your default browser to complete authentication. Once logged in, your credentials are stored locally for subsequent commands.

Example:

temporal cloud login

For headless environments, use --disable-pop-up and follow the printed URL.

Use the following options to change the behavior of this command. You can also use any of the global flags that apply to all subcommands.

FlagRequiredDescription
--audienceNostring OAuth audience parameter for token generation.
--client-idNostring OAuth client identifier for authentication.
--domainNostring Authentication domain for the OAuth provider.
--redirect-urlNostring Redirect URL for OAuth authentication flow.
--resetNobool Clear stored login credentials and configuration, then re-authenticate. Use this if you need to switch accounts or fix authentication issues.

Global Flags

The following options can be used with any command.

FlagRequiredDescriptionDefault
--api-keyNostring API key for authenticating with Temporal Cloud. Can be used instead of interactive login for automation and CI/CD pipelines.
--auto-confirmNobool Automatically confirm prompts and actions that require user confirmation. Useful for scripting and automation.
--config-dirNostring Directory path where CLI configuration files are stored, including authentication tokens and settings.
--disable-pop-upNobool Prevent the CLI from opening a browser window during authentication. Useful for headless environments or when using alternative auth methods.
--serverNostring Override the Temporal Cloud API server address. Used for connecting to non-production environments.saas-api.tmprl.cloud:443