spark login
Authenticate with the Spark knowledge network.
Synopsis
spark login [--local]Description
spark login starts an OAuth 2.0 PKCE authentication flow. It opens your default browser to the Spark authorization page, where you sign in and grant access. After authorization, the browser redirects to a local callback server on port 5173 to complete the handshake.
By default, credentials are stored in your system keychain (macOS Keychain, Linux secret service, or Windows Credential Manager). Use the --local flag to store credentials in the project directory instead, which is useful in environments where keychain access is unavailable.
Once authenticated, your credentials persist across terminal sessions and refresh automatically. You do not need to log in again unless you explicitly log out or your tokens are revoked.
Arguments
This command has no required arguments.
Flags
| Flag | Description |
|---|---|
--local | Store credentials in the project .spark/settings.json file instead of the system keychain. |
When using --local, add .spark/ to your .gitignore. Never commit credentials to version control.
Examples
Standard login
spark loginOpens your browser for OAuth authorization. Credentials are stored in the system keychain.
Local login for containers or remote VMs
spark login --localStores credentials in .spark/settings.json in the current project directory. Use this when running in Docker containers, remote development environments, or CI runners where keychain access is not available.
Verify login succeeded
spark whoamiAfter logging in, run spark whoami to confirm your identity and authentication status.
Related commands
spark logout— Remove credentials and end the sessionspark whoami— Display the current authenticated userspark status— Show full CLI and authentication status- Authentication guide — All authentication methods
- Global Flags — Flags available on all commands