p0 login
Overview
The p0 login command bootstraps your local CLI with the credentials and configuration for your P0 organization. Once you’ve logged in, the CLI can:
Save your org’s configuration locally (endpoints, OAuth client IDs, etc.)
Launch a browser SSO flow for your org’s identity provider (Google, Okta, Ping, Microsoft OIDC, etc.)
Let you start running p0 request, p0 aws, p0 ssh, and other commands without re-authenticating on each call
If your saved token expires, the CLI will automatically re-launch the login flow and update the identity file before retrying any command.
Basic Login
1. Run the login command
p0 login <ORG_ID>
Replace <ORG_ID> with your P0 organization’s ID. This will:
Fetch your org’s information (to get OAuth client IDs & tenant ID).
Save that org’s config to ~/.p0/config.json (or, if you’ve set P0_ORG, to a temp-directory config).
Launch your browser to authenticate via your org’s SSO provider.
Persist the resulting ID/token bundle to an identity file.
Print “You are now logged in, and can use the p0 CLI.”
2. (Optional) Use P0_ORG env var
If you’d rather not type your org ID each time, export it once:
export P0_ORG=acme-corp
p0 login # “org” is picked up from the env var
What Files Are Created
File
Purpose
(or $TMP/p0/config.json-<ORG_ID>)
When P0_ORG is set, alternate location
~/.p0/identity.json
Your saved token + org slug + expiry time
(or $TMP/p0/identity.json)
When P0_ORG is set
Files are stored with restrictive permissions (600) so only you can read them.
Supported SSO Providers
P0 CLI will detect your org’s SSO Provider and we will pick the right flow.
Google / Google-OIDC
Okta
Ping
Microsoft / Azure-OIDC
If your org uses a custom or unsupported provider, you’ll see an “Unsupported login for your organization” error.
Troubleshooting
“Could not find organization”
• Verify your org ID is correct and spelled exactly as given.
Browser didn’t open / SSO popup blocked
• Be sure your $BROWSER env var is set or you have a default browser configured.
• Check your popup-blocker settings.
“Please run p0 login <organization> to use the P0 CLI.”
Indicates no identity file was found. Simply re-run the login command.
Last updated