org login sfdx-url | org Commands | Salesforce CLI Command Reference

Authorize an org using a Salesforce DX authorization URL stored in a file or through standard input (stdin).

You use the Salesforce DX (SFDX) authorization URL to authorize Salesforce CLI to connect to a target org. The URL contains the required data to accomplish the authorization, such as the client ID, client secret, and instance URL. You must specify the SFDX authorization URL in this format: “force://<clientId>:<clientSecret>:<refreshToken>@<instanceUrl>”. Replace <clientId>, <clientSecret>, <refreshToken>, and <instanceUrl> with the values specific to your target org. For <instanceUrl>, don’t include a protocol (such as “https://”). Note that although the SFDX authorization URL starts with “force://”, it has nothing to do with the actual authorization. Salesforce CLI always communicates with your org using HTTPS.

To see the SFDX authorization URL for an org, run “org auth show-sfdx-auth-url”.

You have three options when creating the authorization file. The easiest option is to redirect the output of the “sf org auth show-sfdx-auth-url –json” command into a file. For example, using an org with alias my-org that you’ve already authorized:

$ sf org auth show-sfdx-auth-url –target-org my-org –json > authFile.json

The resulting JSON file contains the URL in the “sfdxAuthUrl” property of the “result” object. You can then reference the file when running this command:

$ sf org login sfdx-url –sfdx-url-file authFile.json

NOTE: The SFDX auth URL is only available for orgs authorized with a web-based OAuth flow, and not the JWT bearer flow.

You can also create a JSON file that has a top-level property named sfdxAuthUrl whose value is the authorization URL. Finally, you can create a normal text file that includes just the URL and nothing else.

Alternatively, you can pipe the SFDX authorization URL through standard input by specifying the –sfdx-url-stdin flag.

force:auth:sfdxurl:store

auth:sfdxurl:store

Flag Name (Long)	Flag Name (Short)	Description
`‑‑alias`	`‑a`	Type: Value Alias for the org.
`‑‑flags‑dir`	N/A	Type: Value Import flag values from a directory.
`‑‑json`	N/A	Type: Boolean Format output as json.
`‑‑set‑default`	`‑s`	Type: Boolean Set the authenticated org as the default that all org-related commands run against.
`‑‑set‑default‑dev‑hub`	`‑d`	Type: Boolean Set the authenticated org as the default Dev Hub.
`‑‑sfdx‑url‑file`	`‑f`	Type: Value Path to a file that contains the Salesforce DX authorization URL.
`‑‑sfdx‑url‑stdin`	`‑u`	Type: Value Pipe the Salesforce DX authorization URL through standard input (stdin).

Authorize an org using the SFDX authorization URL in the files/authFile.json file:

Similar to previous example, but set the org as your default and give it an alias MyDefaultOrg:

Pipe the SFDX authorization URL from stdin: