spark login

Authenticate with the Spark knowledge network.

Synopsis

spark login [--local] [--api-base <url>]

Description

spark login starts an OAuth 2.0 PKCE authentication flow. It opens your default browser to the Spark authorization page, where you sign in and grant access. After authorization, the browser redirects to a local callback server on 127.0.0.1:8789 to complete the handshake.

By default, credentials are written to ~/.spark/settings.json (mode 0o600). Use --local to write to ./.spark/settings.json in the current project directory instead — useful in environments where you don't want global state, such as Docker containers, remote development VMs, or shared machines.

Once authenticated, your credentials persist across terminal sessions. Access tokens refresh automatically (with a 5-minute buffer before expiration); you don't need to log in again unless you log out, the refresh token expires, or you delete the settings file.

Arguments

This command has no required arguments.

Flags

Examples

Standard login

spark login

Opens your browser for OAuth authorization. Credentials land in ~/.spark/settings.json.

Local login for containers or remote VMs

spark login --local

Stores credentials in ./.spark/settings.json in the current project directory.

Verify login succeeded

spark whoami

After logging in, run spark whoami to confirm your identity.

Troubleshooting

• Port 8789 in use — spark login listens on 127.0.0.1:8789 for the OAuth callback. Close any other process bound to that port and retry.
• Browser doesn't open — copy the URL the CLI prints and open it manually.
• Auth times out — the flow has a 5-minute timeout; rerun if you got distracted.

Related commands

• spark logout — Remove credentials and end the session
• spark whoami — Display the current authenticated user
• spark status — Show full CLI and authentication status
• Authentication guide — All authentication methods
• Global Flags — Flags available on all commands