Skip to content

Feature request: add a CLI command to inspect current login/session status #156

New issue
New issue
Open
Open
Feature request: add a CLI command to inspect current login/session status#156
@YewFence

Description

@YewFence
YewFence
opened on Mar 23, 2026

Summary

It would be very helpful to have a dedicated CLI command to inspect the current authentication/session state, similar to a status or whoami
command.

Right now, from the built-in CLI help, I could not find a straightforward way to answer questions like:

  • Am I currently logged in?
  • Is my current login/session still valid?
  • Which Infisical domain / API URL am I connected to?
  • Which user or machine identity is currently active?
  • Which auth method was used?
  • Which organization / profile is active?
  • What permissions or scope does the current identity have?
  • Is the token expired or close to expiring?

Problem

At the moment, users seem to have to infer session state indirectly by:

  • trying another command and seeing whether it fails
  • checking whether a token can be retrieved
  • looking at logs/debug output
  • inspecting local config/storage manually

This makes troubleshooting harder, especially in cases involving:

  • expired sessions
  • multiple profiles
  • self-hosted instances
  • different auth methods
  • automation/scripts/CI environments

There are also existing issues around auth/session behavior that suggest visibility into current session state would be useful.

Proposed solution

Add a command such as one of the following:

  • infisical status
  • infisical auth status
  • infisical whoami
  • infisical user current

The command could display information like:

  • authentication status (authenticated: true/false)
  • whether the current session is valid
  • current domain / API URL
  • active profile
  • auth method
  • current user email / user id, or machine identity id
  • active organization / organization slug
  • token expiry / remaining lifetime, if available
  • permission scope / role, if available

Example output

Human-readable:

$ infisical status
Authenticated: yes
Session valid: yes
Domain: https://app.infisical.com/api
Profile: default
Auth method: user
User: user@example.com
Organization: my-org
Token expires at: 2026-03-23T12:34:56Z

Machine-readable:

$ infisical status --json
{
"authenticated": true,
"sessionValid": true,
"domain": "https://app.infisical.com/api",
"profile": "default",
"authMethod": "user",
"user": "user@example.com",
"organization": "my-org",
"expiresAt": "2026-03-23T12:34:56Z"
}

Why this would help

This would make the CLI much easier to use and debug, especially for:

  • self-hosted setups
  • multi-org / multi-profile usage
  • CI/CD and scripts
  • diagnosing token expiry or invalid-session problems

Even a minimal version that only shows:

  • logged in or not
  • domain
  • current identity
  • auth method

would already be a big improvement.

Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions