ntcli token create

Overview

Generate a new workspace token for the current workspace without storing it locally. This command is useful for creating tokens for CI/CD systems, scripts, or other automation tools.

Syntax

ntcli token create [options]

Options

--expires-in

number

Token expiration time in secondsDefault: 31536000 (1 year)
Example: 86400 (24 hours)

--format

string

Output format for the tokenDefault: text
Options: text, json

Examples

Create Standard Token

# Create token with default 1-year expiration
ntcli token create

Output:

New token created: wst_abc123def456...
Token JTI: jti_xyz789
Expires: 2025-08-07T12:00:00Z

Create Short-Lived Token

# Create token that expires in 24 hours
ntcli token create --expires-in 86400

Create Non-Expiring Token

# Create token that never expires (use with caution)
ntcli token create

JSON Output

# Get token in JSON format for automation
ntcli token create --format json

Output:

{
  "token": "wst_abc123def456...",
  "jti": "jti_xyz789",
  "expires_at": "2025-08-07T12:00:00Z"
}

Security Considerations

Token Storage: This command displays the full token. Store it securely and never commit it to version control.

Best Practices

Copy Immediately: Copy the token immediately as it cannot be retrieved again
Secure Storage: Store tokens in secure credential management systems
Regular Rotation: Rotate tokens regularly using ntcli token refresh
Scope Limitation: Use workspace-specific tokens rather than global tokens

CI/CD Integration

GitHub Actions

- name: Create deployment token
  run: |
    TOKEN=$(ntcli token create --expires-in 3600 --format json | jq -r '.token')
    echo "::add-mask::$TOKEN"
    echo "DEPLOYMENT_TOKEN=$TOKEN" >> $GITHUB_ENV

Script Usage

#!/bin/bash
# Create token for deployment script
TOKEN=$(ntcli token create --expires-in 7200 --format json | jq -r '.token')
export NTCLI_WORKSPACE_TOKEN="$TOKEN"

# Use token for deployment
ntcli server deploy my-service

Error Handling

Authentication Required

Error: Authentication required. Try running ntcli token refreshSolution: Ensure you have a valid workspace token:

ntcli token refresh
ntcli token create

Workspace Not Selected

Error: No workspace selectedSolution: Select a workspace first:

ntcli workspace switch my-workspace
ntcli token create

Invalid Expiration

Error: Invalid expiration timeSolution: Use a valid expiration time in seconds:

ntcli token create --expires-in 86400  # 24 hours

token list

List all workspace tokens

token refresh

Refresh current workspace token

token revoke

Revoke specific tokens

token show

Show current token information

Get Started

Core Concepts

Authentication

Workspace Management

Server Management

MCP Client

Registry

Secrets Management

Token Management

Utilities

Overview

Syntax

Options

Examples

Create Standard Token

Create Short-Lived Token

Create Non-Expiring Token

JSON Output

Security Considerations

Best Practices

CI/CD Integration

GitHub Actions

Script Usage

Error Handling

token list

token refresh

token revoke

token show

Get Started

Core Concepts

Authentication

Workspace Management

Server Management

MCP Client

Registry

Secrets Management

Token Management

Utilities

​Overview

​Syntax

​Options

​Examples

​Create Standard Token

​Create Short-Lived Token

​Create Non-Expiring Token

​JSON Output

​Security Considerations

​Best Practices

​CI/CD Integration

​GitHub Actions

​Script Usage

​Error Handling

​Related Commands

token list

token refresh

token revoke

token show

Overview

Syntax

Options

Examples

Create Standard Token

Create Short-Lived Token

Create Non-Expiring Token

JSON Output

Security Considerations

Best Practices

CI/CD Integration

GitHub Actions

Script Usage

Error Handling

Related Commands