envshed token
Manage authentication tokens (personal and service).
Personal Token Subcommands
envshed token set
Set an API token directly.
envshed token set <token>
envshed token show
Display the current token (masked for security).
$ envshed token show
envshed_abc...xyz9
envshed token clear
Remove the saved token.
envshed token clear
Service Token Subcommands
envshed token create-service
Create a service token for an organization.
envshed token create-service -o <org-slug> -n <name> [options]
| Option | Description | Default |
|---|---|---|
-o, --org <slug> | Organization slug (required) | — |
-n, --name <name> | Token name (required) | — |
-d, --description <text> | Token description | — |
-s, --scope <scope> | Scope: org, project, or environment | org |
--project-id <id> | Project ID (required for project/environment scope) | — |
--environment-id <id> | Environment ID (required for environment scope) | — |
-p, --permission <perm> | Permission: read or read_write | read |
--expires-in <days> | Expiration in days | No expiration |
Example:
envshed token create-service \
-o my-org \
-n "GitHub Actions" \
-s project \
--project-id abc123 \
-p read \
--expires-in 90
envshed token list-service
List service tokens for an organization.
envshed token list-service -o <org-slug>
| Option | Description |
|---|---|
-o, --org <slug> | Organization slug (required) |
envshed token revoke-service
Revoke a service token.
envshed token revoke-service -o <org-slug> --id <token-id>
| Option | Description |
|---|---|
-o, --org <slug> | Organization slug (required) |
--id <id> | Service token ID (required) |
Notes
Personal tokens are stored in ~/.envshed/config.json. The envshed login command also writes to this file — envshed token set is an alternative for scripts or CI/CD environments where browser-based login isn't possible.
Service tokens are managed server-side and are scoped to an organization. See Service Tokens for details.