Skip to content
Latchkey

gh auth login: Usage, Options & Common CI Errors

Authenticate the GitHub CLI - interactively, or with a token in CI.

gh auth login authenticates gh to GitHub.com or an Enterprise host. Interactively it runs a web/device flow; in CI you pass a token via stdin or the GH_TOKEN environment variable.

What it does

gh auth login establishes credentials for the GitHub CLI and (optionally) configures git to use gh as a credential helper. It supports a browser/device flow for humans and token-based auth for automation. Credentials are stored per host.

Common usage

Terminal
# Interactive login (browser or device code)
gh auth login

# Non-interactive token login (pipe a PAT via stdin)
echo "$MY_PAT" | gh auth login --with-token

# Log in to a GitHub Enterprise Server host
gh auth login --hostname github.example.com

# In CI, the simplest path is just setting the env var:
#   GH_TOKEN=$GITHUB_TOKEN gh pr list

Common error in CI: prompts for interactive input

In CI, gh auth login can fail with "could not prompt: terminal is not interactive" or hang waiting for a code. Fix: either pipe a token with gh auth login --with-token from a masked secret, or skip login entirely and set GH_TOKEN (github.com) / GH_ENTERPRISE_TOKEN (GHES) in the environment - gh reads those automatically. In GitHub Actions, setting GH_TOKEN to secrets.GITHUB_TOKEN is the standard pattern; ensure the workflow grants the needed permissions.

Key options

OptionPurpose
--with-tokenRead a token from stdin
--hostname HOSTAuthenticate to an Enterprise host
--webUse the browser-based flow
--scopes LISTRequest additional OAuth scopes

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →