The CLI supports two authentication methods: browser-based OAuth login (for interactive use) and Personal Access Tokens (for CI/CD and automation).
Browser Login (OAuth)
The simplest way to authenticate:
This will:
- Open your browser to the Trilo authorization page
- Ask you to approve CLI access to your workspace
- Store your token securely in
~/.config/trilo/credentials.json
- Auto-select your workspace (or prompt you to choose if you have multiple)
Tokens are automatically refreshed when they expire — you should only need to run trilo login once.
To log out and clear stored credentials:
Personal Access Tokens (PAT)
For CI/CD pipelines, scripts, and automation, use a Personal Access Token:
- Go to Settings > Tokens in the Trilo web app
- Create a new token with the scopes you need
- Set it as an environment variable:
Or write it to the config file:
PAT tokens provide persistent access to your workspace. Store them securely and rotate them periodically. Never commit tokens to version control.
Workspace Selection
After authenticating, set your default workspace:
You can also override the workspace per-command:
Environment Variables
Configuration Files
All config is stored in ~/.config/trilo/ (respects XDG_CONFIG_HOME):
CI/CD Example