Authentication

caution

Seqera AI is currently in beta. Features and commands may change as we continue to improve the product.

Seqera AI uses your Seqera Platform account for authentication. This page covers how to login, manage sessions, and logout.

Authenticate with your Seqera Platform account:

seqera login

This will:

Open your default browser to the Seqera login page
Prompt you to sign in with your Seqera Platform credentials
Automatically capture the authentication token
Display a success message in your terminal

Opening browser for authentication...
Successfully authenticated as user@example.com

Check session status

View your current authentication status:

seqera status

This shows:

Whether you're logged in
Your authenticated email
Session details

Logged in as: user@example.com
Session expires: 2025-12-16 14:30:00

Logout

Standard logout

Sign out from the current session:

seqera logout

This:

Revokes your authentication token
Removes locally stored credentials
Requires re-authentication on next use

Clear all sessions

If you've used multiple profiles or want to completely reset authentication:

seqera logout --all

This removes all stored credentials and session data.

How credentials are stored

Seqera AI stores authentication tokens securely:

Primary storage: Your operating system's secure keychain
- macOS: Keychain Access
- Linux: Secret Service (GNOME Keyring, KWallet)
- Windows: Windows Credential Manager
Fallback storage: If keychain access isn't available, tokens are stored in:
```
~/.config/seqera-ai/refresh-token.<profile>
```

Session metadata (email, login timestamp) is stored in:

~/.config/seqera-ai/auth-state.json

Automatic token refresh

Seqera AI automatically refreshes your authentication token when needed. You don't need to re-login unless:

You explicitly logout
Your refresh token expires (typically after extended inactivity)
Your Seqera Platform account permissions change

Using access tokens (CI/CD)

For automated environments, you can provide a Seqera Platform access token directly:

seqera ai --token <your-platform-access-token>

To get a Platform access token:

Go to Seqera Platform
Click your profile icon and select User tokens
Click Add token and copy the generated token

caution

Access tokens provide full access to your Platform account. Store them securely and never commit them to version control. Use environment variables or secret management for CI/CD.

You can also set the token via environment variable:

export TOWER_ACCESS_TOKEN=<your-platform-access-token>
seqera ai

Troubleshooting

Browser doesn't open

If the browser doesn't open automatically:

Check the terminal output for a URL
Copy and paste the URL into your browser manually
Complete authentication in the browser

If authentication times out:

Ensure you have internet connectivity
Check that https://seqera.io is accessible
Try logging out and logging in again

Token storage errors

If you see keychain-related errors:

Ensure your system keychain service is running
Check that you have permission to access the keychain
The CLI will automatically fall back to file-based storage

Session expired

If your session has expired:

seqera logout
seqera login

Next steps

Getting started - Start using the AI assistant
Approval modes - Configure command execution settings

Login​

Check session status​

Logout​

Standard logout​

Clear all sessions​

How credentials are stored​

Automatic token refresh​

Using access tokens (CI/CD)​

Troubleshooting​

Browser doesn't open​

Login timeout​

Token storage errors​

Session expired​

Next steps​

Login