> ## Documentation Index
> Fetch the complete documentation index at: https://sitegpt.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Install and log in

> Install the SiteGPT CLI, authenticate with device login, and verify your account.

## Install

Install the CLI globally from npm:

```bash theme={null}
npm install -g @sitegpt/cli
```

Verify the installed version:

```bash theme={null}
sitegpt --version
```

Upgrade later with:

```bash theme={null}
npm install -g @sitegpt/cli@latest
```

## Log in with browser approval

For most users, use the default device login:

```bash theme={null}
sitegpt login
```

The CLI uses SiteGPT's OAuth device flow with `client_id=sitegpt-cli`. It will:

1. Request standard CLI access from SiteGPT.
2. Print a verification URL and short code.
3. Open or ask you to open the SiteGPT approval page.
4. Wait while you approve access in the browser.
5. Store the approved token in a local profile.

After login, verify the active account:

```bash theme={null}
sitegpt whoami
```

## Login options

```bash theme={null}
sitegpt login
sitegpt login --profile work
sitegpt login --profile work --api-base https://sitegpt.ai
sitegpt login --full-access
sitegpt login --scope account:read --scope chatbots:read --scope knowledge:write
sitegpt login --chatbot <chatbot-id>
sitegpt login --expires-in-days 30
sitegpt login --token <sitegpt-api-token>
```

| Option                      | Description                                                        |
| --------------------------- | ------------------------------------------------------------------ |
| `--profile <name>`          | Save credentials into a named local profile.                       |
| `--api-base <url>`          | Override the API base URL. Production is `https://sitegpt.ai`.     |
| `--name <name>`             | Token name shown in SiteGPT. Default: `SiteGPT CLI (<profile>)`.   |
| `--full-access`             | Request every self-service scope your dashboard role can issue.    |
| `--scope <scope>`           | Request a custom scope. Repeat for multiple scopes.                |
| `--chatbot <chatbot-id>`    | Restrict the token to one chatbot. Repeat for multiple chatbots.   |
| `--expires-in-days <1-365>` | Token lifetime. Default: `90`.                                     |
| `--token <token>`           | Store an existing SiteGPT token instead of using browser approval. |

Reference: [global options](/cli/command-reference#global-options) and [login command details](/cli/command-reference#login).

For protocol-level details, see [OAuth device flow](/cli/oauth-device-flow).

<Warning>
  Use either `--full-access` or repeated `--scope` values, not both. Device-login options cannot be used together with `--token`.
</Warning>

## Standard, full, and custom access

When you run `sitegpt login` without `--scope` or `--full-access`, SiteGPT requests **standard CLI access**. Standard access includes customer-facing read/write permissions for common CLI operations, but excludes sensitive persistence/admin scopes such as `tokens:write`, `billing:write`, and integration management.

Use full access only when the CLI or agent needs broad account management:

```bash theme={null}
sitegpt login --full-access
```

Use custom scopes for specialized workflows:

```bash theme={null}
sitegpt login \
  --scope account:read \
  --scope chatbots:read \
  --scope knowledge:read \
  --scope knowledge:write
```

## Manual login with a dashboard-created token

If you do not want to use browser device login from the terminal, you can create a token manually in the SiteGPT dashboard and then save it into the CLI.

<Steps>
  <Step title="Open the Agents page">
    In the SiteGPT dashboard, open **Agents**.
  </Step>

  <Step title="Create an API token">
    Click **Create token**, choose the access level or custom permissions, optionally restrict it to specific chatbots, and create the token.
  </Step>

  <Step title="Copy the token immediately">
    SiteGPT shows the plaintext token only once. Copy it before closing the token modal.
  </Step>

  <Step title="Save the token in the CLI">
    ```bash theme={null}
    sitegpt login --token <sitegpt-api-token>
    ```
  </Step>

  <Step title="Verify the profile">
    ```bash theme={null}
    sitegpt whoami
    sitegpt profiles list
    ```
  </Step>
</Steps>

To save the token under a named profile:

```bash theme={null}
sitegpt login --profile support-agent --token <sitegpt-api-token>
```

For production, the default API base is `https://sitegpt.ai`. If you need to be explicit:

```bash theme={null}
sitegpt login --profile production --api-base https://sitegpt.ai --token <sitegpt-api-token>
```

SiteGPT CLI/API tokens look like this:

```text theme={null}
sgpt_xxxxxxxxx
```

Treat tokens as opaque credentials and avoid validating one exact shape in scripts.

If you are setting this up for a personal AI assistant, see [Use with AI agents](/cli/use-with-ai-agents) for the recommended profile and instruction setup.

## Where profiles are stored

The CLI stores local profiles at:

```text theme={null}
~/.config/sitegpt/config.json
```

This file is local to your machine. Do not commit it to source control.

## Logout

Remove the selected local profile token:

```bash theme={null}
sitegpt logout
sitegpt logout --profile work
```

Logging out deletes the local token profile. It does not revoke the token in SiteGPT. Use `sitegpt tokens revoke <token-id>` or the Agents page to revoke server-side access.
