Configuration and Authentication

For most functionality you need to authenticate with Sentry. Setting this up can be done either automatically, using sentry-cli, or manually via Organization Auth Tokens.

Copied
sentry-cli login

This will give you the option to visit your auth token user settings, where you can create a new auth token, or simply copy an existing one. When you return to the CLI, you'll paste in your token and it will get added to ~/.sentryclirc automatically.

By default, sentry-cli will connect to sentry.io, but for self-hosted you can also sign in elsewhere:

Copied
sentry-cli --url https://myserver.invalid/ login

You can manually create an Organization Auth Token and pass it to sentry-cli.

Either:

  • add it to ~/.sentryclirc:

    Copied
    [auth]
    token=sntrys_YOUR_TOKEN_HERE
    
  • export it as an environment variable:

    Copied
    export SENTRY_AUTH_TOKEN=sntrys_YOUR_TOKEN_HERE
    
  • pass it as a parameter when you invoke sentry-cli:

    Copied
    $ sentry-cli login --auth-token sntrys_YOUR_TOKEN_HERE
    

The sentry-cli tool can be configured with a config file named .sentryclirc as well as environment variables and .env files. The config file is looked for upwards from the current path and defaults from ~/.sentryclirc are always loaded. You can also override these settings from command line parameters.

The config file uses standard INI syntax.

By default sentry-cli will connect to sentry.io. For on-prem you can export the SENTRY_URL environment variable and point it to your installation:

Copied
export SENTRY_URL=https://mysentry.invalid/

Alternatively you can add it to your ~/.sentryclirc config. This is also what the login command does:

Copied
[defaults]
url = https://mysentry.invalid/

The following settings are available (first is the environment variable, the value in the parentheses is the config key in the config file):

SENTRY_AUTH_TOKEN (auth.token):

The authentication token to use for all communication with Sentry.

SENTRY_API_KEY (auth.api_key):

The legacy API key for authentication if you have one.

SENTRY_DSN (auth.dsn):

The DSN to use to connect to Sentry.

SENTRY_URL (defaults.url):

The URL to use to connect to Sentry. This defaults to https://sentry.io/.

SENTRY_ORG (defaults.org):

The slug of the organization to use for a command.

SENTRY_PROJECT (defaults.project):

The slug of the project to use for a command.

SENTRY_VCS_REMOTE (defaults.vcs_remote):

The name of the remote in the versioning control system. This defaults to origin.

SENTRY_PIPELINE (defaults.pipeline):

The name of the environment to be appended to User-Agent header.

CUSTOM_HEADER (defaults.custom_header):

The header that will be added to every outgoing request in key:value format.

(http.keepalive):

This ini only setting is used to control the behavior of the SDK with regards to HTTP keepalives. The default is true but it can be set to false to disable keepalive support.

http_proxy (http.proxy_url):

The URL that should be used for the HTTP proxy. The standard http_proxy environment variable is also honored. Note that it is lowercase.

(http.proxy_username):

This ini only setting sets the proxy username in case proxy authentication is required.

(http.proxy_password):

This ini only setting sets the proxy password in case proxy authentication is required.

(http.verify_ssl):

This can be used to disable SSL verification when set to false. You should never do that unless you are working with a known self signed server locally.

(http.check_ssl_revoke):

If this is set to false then SSL revocation checks are disabled on Windows. This can be useful when working with a corporate SSL MITM proxy that does not properly implement revocation checks. Do not use this unless absolutely necessary.

SENTRY_HTTP_MAX_RETRIES (http.max_retries):

Sets the maximum number of retry attempts for upload operations (e.g., uploads of release files and debug symbols). The default is 5.

(ui.show_notifications):

If this is set to false some operating system notifications are disabled. This currently primarily affects xcode builds which will not show notifications for background builds.

SENTRY_LOG_LEVEL (log.level):

Configures the log level for the SDK. The default is warn. If you want to see what the library is doing you can set it to info which will spit out more information which might help to debug some issues with permissions. Possible values are trace, debug, info, warn, and error.

(dif.max_upload_size):

Sets the maximum upload size in bytes (before compression) of debug symbols into one batch. The default is 35MB or 100MB (depending on the version of sentry-cli) which is suitable for sentry.io but if you are using a different Sentry server you might want to change this limit if necessary. (Prior to version 1.72.0, this option was called dsym.max_upload_size.)

(dif.max_item_size):

Sets the maximum file size of a single file inside DIF bundle. The default is 1MB.

SENTRY_DISABLE_UPDATE_CHECK (update.disable_check):

If set to true, then the automatic update check in sentry-cli is disabled. The update check is also not enabled for npm based installations of sentry-cli at the moment.

SENTRY_NO_PROGRESS_BAR:

If set to 1, then sentry-cli will not display progress bars for any operations.

SENTRY_LOAD_DOTENV:

Set to 0 to prevent sentry-cli from loading an .env file.

SENTRY_DOTENV_PATH:

Specify a path to .env file to be loaded during setup. This was introduced in version 1.70.

DEVICE_FAMILY (device.family):

Device family value reported to Sentry.

DEVICE_MODEL (device.model):

Device model value reported to Sentry.

To make sure everything works you can run sentry-cli info and it should print out some basic information about the Sentry installation you connect to as well as some authentication information.

Many commands require you to specify the organization and project to work with. There are multiple ways in which you can specify this.

If you are always working with the same projects you can set it in the .sentryclirc file:

Copied
[defaults]
project=my-project
org=my-org

You can also set these defaults in environment variables. There are two environment variables that control this (SENTRY_ORG and SENTRY_PROJECT) which you can export:

Copied
export SENTRY_ORG=my-org
export SENTRY_PROJECT=my-project

Additionally sentry-cli supports loading configuration values from .properties files (common in the Java environment). You can instruct sentry-cli to load config files from there by exporting the path to a properties file in the SENTRY_PROPERTIES environment variable. This is commonly done automatically for some of our client integrations like Java and React Native.

Inside the properties files you just use the dotted notation to set values. Example:

Copied
defaults.url=https://mysentry.invalid/

To then instruct sentry-cli to use that file use this:

Copied
export SENTRY_PROPERTIES=/path/to/sentry.properties
sentry-cli ...

Lastly you can also provide these values explicitly to the command you are executing. The parameters are always called --org or -o for the organization and --project or -p for the project.

Note that they do not always go to the same command. For instance if you are managing releases (which are shared across the organization) you usually supply the organization to the releases command but the projects to the subcommand on it:

Copied
sentry-cli releases -o my-org new -p my-project 1.0

For more information use the help command which will display documentation for all parameters.

Help improve this content
Our documentation is open source and available on GitHub. Your contributions are welcome, whether fixing a typo (drat!) or suggesting an update ("yeah, this would be better").