Skip to main content
Setting up a CI/CD pipeline? Use a CI deploy token instead: a least-privilege fjall_dk_ token built for pipelines, minted in the web app under Settings → CI/CD Tokens (minting is session-only, so the CLI cannot create one). See CI/CD Integration.

Overview

Agent tokens (fjall_ak_) are scoped API credentials for AI agents, scripts, and automation acting as you. Create one per consumer, scope it to what that consumer needs, and revoke it independently when it’s done. Consumers authenticate by setting the token as the FJALL_API_KEY environment variable instead of running an interactive fjall login. For pipelines, prefer a CI deploy token (fjall_dk_, minted in the web app under Settings → CI/CD Tokens): it carries a fixed least-privilege scope set and a hard 90-day expiry cap, and doubles as the pipeline’s AWS credential.
fjall token is the canonical home for these commands. The old fjall user token alias was removed in fjall 2.24.

Subcommands

Create a token

The token value is shown once at creation — store it in your secret store immediately.

List tokens

Shows each token’s name, prefix, and status. Use fjall token show <id> for the full detail, or --agent for structured output including scopes and expiry.

Show a token

Full detail for one token: scopes, expiry, usage count, last-used time, and revocation state.

Revoke a token

Using a token

Next steps

Agent Mode

Run Fjall from AI agents with structured output.

CI/CD Integration

Deploy from pipelines with a least-privilege CI deploy token.