jwt Commands (Deprecated)

This command is deprecated. As of April 20, 2023, we no longer maintain this section of the command reference. Refer to the reference information about the sf-style commands instead, which we update regularly. We keep this reference information about the sfdx-style commands as-is for historical reference only.

Don't worry, this command and its flags continue to work the same as before, and any scripts that use the command won’t break. However, we recommend that you start using the equivalent sf-style org login jwt command instead. Here’s how the flags changed between the old and new commands; if a flag isn't listed, the old and new names are the same:

Removed flag: --loglevel. Use the SF_LOG_LEVEL environment variable instead.
Changed flag name: Old name --jwtkeyfile. New name: --jwt-key-file.
Changed flag name: Old name --clientid. New name: --client-id.
Changed flag name: Old name --setdefaultdevhubusername. New name: --set-default-dev-hub.
Changed flag name: Old name --setalias. New name: --alias.
Changed flag name: Old name --username. New name: Same, but with new short flag name-o.
Changed flag name: Old name --instanceurl. New name: --instance-url.
Changed flag name: Old name --setdefaultusername. New name: --set-default.

For background information about this change, read this blog post, which describes how we've updated many of the existing sfdx commands to use the improvements we made in sf. We improved this particular command on March 2, 2023.

Warning

Help for auth:jwt:grant

Use a certificate associated with your private key that has been uploaded to a personal connected app.

If you specify an --instanceurl value, this value overrides the sfdcLoginUrl value in your sfdx-project.json file. To specify a My Domain URL, use the format MyDomainName.my.salesforce.com (not MyDomainName.lightning.force.com). To specify a sandbox, set --instanceurl to https://MyDomainName--SandboxName.sandbox.my.salesforce.com.

Examples for auth:jwt:grant

1sfdx auth:jwt:grant -u me@my.org -f <path to jwt key file> -i <OAuth client id>

1sfdx auth:jwt:grant -u me@my.org -f <path to jwt key file> -i <OAuth client id> -s -a MyDefaultOrg

1sfdx auth:jwt:grant -u me@acme.org -f <path to jwt key file> -i <OAuth client id> -r https://acme.my.salesforce.com

Command Syntax

sfdx auth:jwt:grant: [--json]; [--loglevel LOGLEVEL]; -u USERNAME; -f JWTKEYFILE; -i CLIENTID; [-r INSTANCEURL]; [-d]; [-s]; [-a SETALIAS]

Parameters

--json: Optional; Format output as JSON.; Type: boolean
--loglevel LOGLEVEL: Optional; The logging level for this command invocation. Logs are stored in $HOME/.sf/sf.log.; Type: enum; Permissible values are: trace, debug, info, warn, error, fatal, TRACE, DEBUG, INFO, WARN, ERROR, FATAL; Default value: warn
-u | --username USERNAME: Required; Authentication username.; Type: string
-f | --jwtkeyfile JWTKEYFILE: Required; Path to a file containing the private key.; Type: filepath
-i | --clientid CLIENTID: Required; OAuth client ID (sometimes called the consumer key).; Type: string
-r | --instanceurl INSTANCEURL: Optional; The login URL of the instance the org lives on.; Type: url
-d | --setdefaultdevhubusername: Optional; Set the authenticated org as the default dev hub org for scratch org creation.; Type: boolean
-s | --setdefaultusername: Optional; Set the authenticated org as the default username that all commands run against.; Type: boolean
-a | --setalias SETALIAS: Optional; Set an alias for the authenticated org.; Type: string

Aliases for auth:jwt:grant

1force:auth:jwt:grant

Salesforce CLI Command Reference

auth:jwt:grant (Deprecated)

Help for auth:jwt:grant

Examples for auth:jwt:grant

Command Syntax

Parameters

Aliases for auth:jwt:grant