Snyk Code "SNYK_TOKEN" missing / authentication error in CI
Snyk CLI commands authenticate with an API token. When SNYK_TOKEN is absent from the environment, snyk code test cannot authenticate and fails before analyzing anything.
What this error means
The Snyk step fails with "Authentication error", "Missing SNYK_TOKEN", or a prompt to run snyk auth, typically in a non-interactive CI job.
Snyk
Authentication error (SNYK-0005)
Please run `snyk auth` or set the SNYK_TOKEN environment variable to authenticate.Common causes
The token secret is not exposed to the step
The workflow never sets SNYK_TOKEN from a secret, so the CLI has no credentials in CI.
Relying on interactive snyk auth
snyk auth opens a browser flow that cannot complete in CI; only the token env var works headlessly.
How to fix it
Set SNYK_TOKEN from a secret
- Add the Snyk API token as a repository or org secret.
- Expose it as
SNYK_TOKENin the step env. - Re-run so
snyk code testauthenticates.
.github/workflows/snyk.yml
- run: snyk code test
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}Do not use interactive auth in CI
Remove any snyk auth step and rely solely on the SNYK_TOKEN environment variable for headless runs.
How to prevent it
- Store the Snyk token as a secret and inject it as SNYK_TOKEN.
- Avoid interactive
snyk authin CI. - Fail fast if the token env var is empty.
Related guides
Snyk Code "not supported / not enabled" for the organization in CIFix Snyk Code "is not supported for your organization" / "not enabled" in CI - Snyk Code (SAST) must be turne…
Snyk Code "snyk code test" issues fail the build in CIFix Snyk Code failing CI on found issues - snyk code test exits non-zero when it finds issues at or above the…
CodeQL "You are not authorized to upload SARIF" in CIFix CodeQL "You are not authorized to upload SARIF results" in CI - the token identity or repository is not p…