Expensicat
CLI

Authentication

Log in, log out, and inspect the current session

The CLI uses the OAuth2 device authorization flow — you open a URL in your browser, approve the code, and a long-lived session token is stored in your OS keychain.

login

Log in to Expensicat.

expensicat login
expensicat --env staging login

Opens your browser to the device authorization page. Once approved, the session is persisted and used for every subsequent command. JWTs are refreshed automatically from the session token.

logout

Clear stored credentials from this machine.

expensicat logout

whoami

Show the currently authenticated user, organization, and token metadata.

expensicat whoami
expensicat whoami --json
FlagDescription
--jsonOutput as JSON

completion

Generate shell completion scripts.

expensicat completion bash
expensicat completion zsh
expensicat completion fish
ArgDescription
<shell>bash, zsh, or fish

Pipe into your shell config:

expensicat completion zsh >> ~/.zshrc

Configuration

Environments, config file, global flags, and credential storage

Config

Read, write, and edit the CLI config file at ~/.expensicat/config.toml

On this page

login
logout
whoami
completion