CLI Reference
login
Authenticate with a DreamLake Server instance via OAuth 2.0 device auth flow.
dreamlake login [--url <server-url>] [--no-browser]Flags
| Flag | Type | Default | Description |
|---|---|---|---|
--url | string | $DREAMLAKE_REMOTE | DreamLake Server URL |
--no-browser | flag | — | Display QR code + URL instead of opening browser |
What Happens
- CLI requests a device code from vuer-auth (
https://auth.vuer.ai) - Opens your browser to the approval page (or shows a QR code + URL if
--no-browser) - Polls vuer-auth every 5 seconds until you approve (up to 10 minutes)
- Exchanges the vuer-auth token for a long-lived dreamlake JWT via
POST /auth/exchange - Stores the token locally (macOS Keychain, encrypted file, or plaintext fallback)
If you're already logged in, running login again overwrites the stored token.
Token Storage
The dreamlake token is saved using the best available backend:
| Backend | Location |
|---|---|
| System keyring | macOS Keychain / Windows Credential Manager |
| Encrypted file | ~/.dreamlake/tokens.encrypted |
| Plaintext (fallback) | ~/.dreamlake/tokens.json |
Use dreamlake logout to remove the stored token.
Examples
# Login to local dev server
dreamlake login --url http://localhost:10334
# Headless machine (SSH) — shows QR code + URL to scan with phone
dreamlake login --url http://localhost:10334 --no-browserSee Device Auth Flow for the full technical design.