Configuration and Authentication
For most functionality you need to authenticate with Sentry. Setting this up can be done either automatically, using
sentry-cli, or manually. Either way, you'll need a token with at least the following scopes:
$ sentry-cli login
This will give you the option to visit your auth token user settings, where you can create a new auth token, or simply copy an existing one. When you return to the CLI, you'll paste in your token and it will get added to
sentry-cli will connect to sentry.io, but for self-hosted you can also sign in elsewhere:
$ sentry-cli --url https://myserver.invalid/ login
Visit your auth token user settings page and create or copy an existing token. Then either:
- add it to
- export it as an environment variable:Copied
- pass it as a parameter when you invoke
$ sentry-cli --auth-token your-auth-token
sentry-cli tool can be configured with a config file named
.sentryclirc as well as environment variables and
.env files. The config file is looked for upwards from the current path and defaults from
~/.sentryclirc are always loaded. You can also override these settings from command line parameters.
The config file uses standard INI syntax.
sentry-cli will connect to sentry.io. For on-prem you can export the
SENTRY_URL environment variable and point it to your installation:
Alternatively you can add it to your
~/.sentryclirc config. This is also what the
login command does:
[defaults] url = https://mysentry.invalid/
Note: By default sentry-cli loads .env files. On versions of sentry-cli 1.24 and newer you can disable this by exporting an environment variable
The following settings are available (first is the environment variable, the value in the parentheses is the config key in the config file):
- The authentication token to use for all communication with Sentry.
- The legacy API key for authentication if you have one.
- The DSN to use to connect to sentry.
- The URL to use to connect to sentry. This defaults to
- The slug of the organization to use for a command.
- The slug of the project to use for a command.
- The name of the remote in the versioning control system. This defaults to
- This ini only setting is used to control the behavior of the SDK with regards to HTTP keepalives. The default is true but it can be set to false to disable keepalive support.
- The URL that should be used for the HTTP proxy. The standard
http_proxyenvironment variable is also honored. Note that it is lowercase.
- This ini only setting sets the proxy username in case proxy authentication is required.
- This ini only setting sets the proxy password in case proxy authentication is required.
- This can be used to disable SSL verification when set to false. You should never do that unless you are working with a known self signed server locally.
- If this is set to false then SSL revocation checks are disabled on Windows. This can be useful when working with a corporate SSL MITM proxy that does not properly implement revocation checks. Do not use this unless absolutely necessary.
- Sets the maximum number of retry attempts for upload operations (e.g., uploads of release files and debug symbols). The default is
- If this is set to false some operating system notifications are disabled. This currently primarily affects xcode builds which will not show notifications for background builds.
- Configures the log level for the SDK. The default is
warning. If you want to see what the library is doing you can set it to
infowhich will spit out more information which might help to debug some issues with permissions.
- Sets the maximum upload size in bytes (before compression) of debug symbols into one batch. The default is 35MB or 100MB (depending on the version of sentry-cli) which is suitable for sentry.io but if you are using a different sentry server you might want to change this limit if necessary.
- If set to
sentry-cliwill not display progress bars for any operations.
- If set to
true, then the automatic update check in sentry-cli is disabled. This was introduced in 1.17. Versions before that did not include an update check. The update check is also not enabled for npm based installations of sentry-cli at the moment.
- Device family value reported to Sentry.
- Device model value reported to Sentry.
To make sure everything works you can run
sentry-cli info and it should print out some basic information about the Sentry installation you connect to as well as some authentication information.
Many commands require you to specify the organization and project to work with. There are multiple ways in which you can specify this.
If you are always working with the same projects you can set it in the
[defaults] project=my-project org=my-org
You can also set these defaults in environment variables. There are two environment variables that control this (
SENTRY_PROJECT) which you can export:
export SENTRY_ORG=my-org export SENTRY_PROJECT=my-project
sentry-cli supports loading configuration values from
.properties files (common in the Java environment). You can instruct
sentry-cli to load config files from there by exporting the path to a properties file in the
SENTRY_PROPERTIES environment variable. This is commonly done automatically for some of our client integrations like Java and React Native.
Inside the properties files you just use the dotted notation to set values. Example:
To then instruct
sentry-cli to use that file use this:
export SENTRY_PROPERTIES=/path/to/sentry.properties sentry-cli ...
Lastly you can also provide these values explicitly to the command you are executing. The parameters are always called
-o for the organization and
-p for the project.
Note that they do not always go to the same command. For instance if you are managing releases (which are shared across the organization) you usually supply the organization to the
releases command but the projects to the subcommand on it:
$ sentry-cli releases -o my-org new -p my-project 1.0
For more information use the
help command which will display documentation for all parameters.