- Bun installed
- A Sentry OAuth application (create one at https://sentry.io/settings/account/api/applications/)
- Install dependencies:
bun install- Create a
.env.localfile in the project root:
SENTRY_CLIENT_ID=your-sentry-oauth-client-id
Get the client ID from your Sentry OAuth application settings.
Note: No client secret is needed - the CLI uses OAuth 2.0 Device Authorization Grant (RFC 8628) which is designed for public clients.
bun run --env-file=.env.local src/bin.ts auth login- Run the CLI login command:
bun run --env-file=.env.local src/bin.ts auth login- You'll see output like:
Starting authentication...
Opening browser...
If it doesn't open, visit: https://sentry.io/oauth/device/
Code: ABCD-EFGH
Waiting for authorization...
- The browser will open to Sentry's device authorization page
- Enter the code and authorize the application
- The CLI will automatically receive the token and save it
When creating your Sentry OAuth application:
- Redirect URI: Not required for device flow
- Scopes: The CLI requests these scopes:
project:read,project:writeorg:readevent:read,event:writemember:readteam:read
| Variable | Description | Default |
|---|---|---|
SENTRY_CLIENT_ID |
Sentry OAuth app client ID | (required) |
SENTRY_URL |
Sentry instance URL (for self-hosted) | https://sentry.io |
bun run buildThe CLI uses the OAuth 2.0 Device Authorization Grant (RFC 8628) for authentication. This flow is designed for CLI tools and other devices that can't easily handle browser redirects:
- CLI requests a device code from Sentry
- User is shown a code and URL to visit
- CLI polls Sentry until the user authorizes
- CLI receives access token and stores it locally
No proxy server is needed - the CLI communicates directly with Sentry.