Get Started

Authentication

Sign in and out of the CLI, and understand how credentials are stored and refreshed.

Use this page to connect the CLI to your Epismo account. The default flow sends a one-time code to your email, so an agent can complete sign-in for you if it can read that inbox. Only grant inbox access deliberately, because it may expose sensitive mail from other services too.

Sign in

epismo login --email you@example.com
epismo whoami

There are two sign-in methods:

  • epismo login --email you@example.com sends a one-time code to your inbox; enter it to finish signing in.
  • epismo login --browser opens your browser to complete sign-in there.

After signing in, epismo whoami confirms which account (and workspace) you are operating as.

For agent-operated login, make sure the agent is allowed to read the inbox that receives the code.

How credentials are stored

epismo login saves your OAuth credentials to ~/.epismo/credentials. The CLI refreshes the access token automatically as it nears expiry, so you can keep working without signing in again. Because this file grants access to your account, protect it like any other credential and do not copy it between machines.

Sign out

epismo logout

epismo logout revokes the credentials and removes them from ~/.epismo/credentials. Run it when you finish on a shared machine.