SoftProbe CLI

Appearance

Authentication

Console APIs require the HTTP header:

http
access-token: <JWT>

(Defined as Constants.ACCESS_TOKEN in sp-tr-api.)

Non-interactive login (agents + CI)

Email verification flow

  1. Request code (human step or separate automation):

    http
    GET /api/login/getVerificationCode/{userName}

  2. Exchange code for token:

    bash
    sp auth login --email user@corp.com --code 123456 --json

    REST: POST /api/login/verify with body { "userName", "verifyCode", ... }

  3. CLI writes token to active profile in ~/.config/softprobe/config.yaml unless --no-save.

CI / agent hosts

Set a long-lived token from your secret store:

bash
export SP_TOKEN="eyJ..."
sp app list --json

Never commit tokens to git. Rotate on leak.

Token refresh

bash
sp auth refresh --user user@corp.com --json

REST: GET /api/login/refresh/{userName}

Guest login

If enabled on the server:

bash
sp auth login --guest --json

REST: POST /api/login/loginAsGuest

OAuth

OAuth flows are browser-based. Agents should use pre-provisioned SP_TOKEN rather than driving OAuth interactively.

Document for humans: GET /api/login/oauthInfo/{oauthType}, POST /api/login/oauthLogin.

Who am I

bash
sp auth whoami --json

Decodes JWT userName or calls profile endpoint when implemented.

Errors

SituationExit code
Missing token with --json3 (AUTH_REQUIRED)
Expired or invalid token1 (API_ERROR)