tessl/npm-netlify-cli
Netlify command line tool for deploying and managing modern web applications on the Netlify platform
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
authentication-teams.mddocs/
Authentication & Teams
Authentication management and team switching functionality for multi-account workflows, secure login, and team collaboration features.
Capabilities
User Authentication
Secure authentication with Netlify using OAuth-based login system.
/**
* Login to Netlify account
* Command: netlify login [options]
*/
interface LoginOptions {
/** Login to new Netlify account (switches accounts) */
new?: boolean;
}
/**
* Logout from Netlify account
* Command: netlify logout
*/
interface LogoutOptions {
/** No additional options for logout */
}Usage Examples:
# Login with browser-based OAuth
netlify login
# Login to a different account
netlify login --new
# Logout from current account
netlify logoutAuthentication Flow
OAuth-based authentication process and token management:
/**
* Authentication flow configuration
*/
interface AuthenticationFlow {
/** OAuth configuration */
oauth: {
/** Authorization URL */
authUrl: 'https://app.netlify.com/authorize';
/** Token endpoint */
tokenUrl: 'https://api.netlify.com/oauth/token';
/** Client ID for CLI application */
clientId: string;
/** Required scopes */
scopes: ['api', 'site:read', 'site:write'];
/** Redirect URI for localhost callback */
redirectUri: 'http://localhost:8080/callback';
};
/** Browser authentication */
browserAuth: {
/** Opens browser for authentication */
openBrowser: boolean;
/** Localhost server for callback */
callbackServer: {
port: number;
timeout: number; // milliseconds
};
/** Fallback for headless environments */
manualToken: boolean;
};
/** Token storage */
tokenStorage: {
/** Token storage location */
location: '~/.netlify/config.json';
/** Token encryption */
encrypted: boolean;
/** Token expiration */
expiresIn: number; // seconds
/** Refresh token support */
refreshToken: boolean;
};
}User Information and Profile
Access current user information and profile data:
/**
* Current user information
*/
interface UserProfile {
/** User ID */
id: string;
/** Display name */
name: string;
/** Email address */
email: string;
/** Avatar URL */
avatarUrl: string;
/** Account creation date */
createdAt: Date;
/** Last activity timestamp */
lastActiveAt: Date;
/** Account verification status */
verified: boolean;
/** Two-factor authentication enabled */
twoFactorEnabled: boolean;
/** Account plan */
plan: 'starter' | 'pro' | 'business' | 'enterprise';
/** Account limits */
limits: {
sites: number;
bandwidth: number; // bytes per month
buildMinutes: number; // minutes per month
functions: {
invocations: number; // per month
runtime: number; // seconds per month
};
};
}Team Management
Handle multi-team workflows and team switching:
/**
* Switch between teams/accounts
* Command: netlify switch
*/
interface SwitchTeamOptions {
/** No additional options - interactive selection */
}
/**
* Team information structure
*/
interface TeamInfo {
/** Team ID */
id: string;
/** Team name */
name: string;
/** Team slug (URL identifier) */
slug: string;
/** User's role in the team */
role: 'owner' | 'collaborator' | 'developer' | 'viewer';
/** Team plan */
plan: {
type: 'starter' | 'pro' | 'business' | 'enterprise';
features: string[];
limits: {
sites: number;
members: number;
bandwidth: number;
buildMinutes: number;
};
};
/** Team statistics */
stats: {
memberCount: number;
siteCount: number;
totalBandwidth: number;
buildMinutesUsed: number;
};
/** Team settings */
settings: {
billingEmail: string;
defaultDomain: string;
customBranding: boolean;
ssoEnabled: boolean;
ipRestrictions: string[];
};
/** Team creation date */
createdAt: Date;
/** Team owner information */
owner: {
id: string;
name: string;
email: string;
};
}Usage Examples:
# Interactive team switching
netlify switch
# This will show a list like:
# ? Switch to which team? (Use arrow keys)
# ❯ Personal Account (john@example.com)
# Acme Corp (acme-corp)
# Startup Inc (startup-inc)Team Member Management
Team member roles and permissions system:
/**
* Team member roles and permissions
*/
interface TeamMember {
/** Member ID */
id: string;
/** Member information */
user: {
name: string;
email: string;
avatarUrl: string;
};
/** Member role */
role: TeamRole;
/** Join date */
joinedAt: Date;
/** Last activity */
lastActiveAt: Date;
/** Invitation status */
status: 'active' | 'pending' | 'suspended';
}
/**
* Team role definitions
*/
type TeamRole = 'owner' | 'collaborator' | 'developer' | 'viewer';
interface TeamRolePermissions {
owner: {
sites: ['create', 'read', 'update', 'delete', 'deploy'];
team: ['invite', 'remove', 'change-roles', 'billing', 'settings'];
functions: ['create', 'read', 'update', 'delete', 'invoke'];
environment: ['read', 'write', 'delete'];
builds: ['trigger', 'cancel', 'view-logs'];
};
collaborator: {
sites: ['create', 'read', 'update', 'deploy'];
team: ['invite'];
functions: ['create', 'read', 'update', 'delete', 'invoke'];
environment: ['read', 'write'];
builds: ['trigger', 'view-logs'];
};
developer: {
sites: ['read', 'deploy'];
team: [];
functions: ['read', 'invoke'];
environment: ['read'];
builds: ['trigger', 'view-logs'];
};
viewer: {
sites: ['read'];
team: [];
functions: ['read'];
environment: ['read'];
builds: ['view-logs'];
};
}Authentication State Management
Current authentication state and session management:
/**
* Authentication state information
*/
interface AuthState {
/** Whether user is authenticated */
isAuthenticated: boolean;
/** Current user information */
user?: UserProfile;
/** Current team context */
currentTeam?: TeamInfo;
/** Available teams */
availableTeams: TeamInfo[];
/** Authentication token info */
token: {
value: string;
expiresAt: Date;
scopes: string[];
type: 'Bearer';
};
/** Session information */
session: {
startedAt: Date;
lastActivity: Date;
ipAddress: string;
userAgent: string;
};
}
/**
* Authentication status check
*/
interface AuthStatusCheck {
/** Check if token is valid */
isValidToken: boolean;
/** Check if token is expired */
isExpired: boolean;
/** Time until expiration */
expiresIn: number; // seconds
/** Whether refresh is needed */
needsRefresh: boolean;
/** Last authentication check */
lastCheck: Date;
}Security Features
Security settings and features for account protection:
/**
* Account security configuration
*/
interface SecurityConfig {
/** Two-factor authentication */
twoFactor: {
enabled: boolean;
method: 'app' | 'sms' | 'email';
backupCodes: number;
lastUsed: Date;
};
/** Login security */
loginSecurity: {
/** Failed login attempts */
failedAttempts: number;
/** Account lockout settings */
lockout: {
enabled: boolean;
threshold: number;
duration: number; // minutes
};
/** IP restrictions */
ipRestrictions: {
enabled: boolean;
allowedIps: string[];
};
};
/** Session management */
sessionManagement: {
/** Maximum concurrent sessions */
maxSessions: number;
/** Session timeout */
timeout: number; // minutes
/** Remember me option */
rememberMe: boolean;
/** Force logout on IP change */
forceLogoutOnIpChange: boolean;
};
/** API access */
apiAccess: {
/** Personal access tokens */
personalTokens: Array<{
id: string;
name: string;
scopes: string[];
createdAt: Date;
lastUsed: Date;
expiresAt?: Date;
}>;
/** OAuth applications */
oauthApps: Array<{
id: string;
name: string;
permissions: string[];
authorizedAt: Date;
}>;
};
}Single Sign-On (SSO) Integration
Enterprise SSO features and configuration:
/**
* SSO configuration for enterprise teams
*/
interface SSOConfig {
/** SSO provider */
provider: 'saml' | 'oidc' | 'google' | 'github' | 'gitlab';
/** SAML configuration */
saml?: {
entityId: string;
ssoUrl: string;
x509Certificate: string;
signAssertions: boolean;
signRequests: boolean;
};
/** OIDC configuration */
oidc?: {
issuer: string;
clientId: string;
clientSecret: string;
scopes: string[];
userInfoEndpoint: string;
};
/** User provisioning */
provisioning: {
/** Automatic user creation */
autoProvision: boolean;
/** Default role for new users */
defaultRole: TeamRole;
/** Attribute mapping */
attributeMapping: {
email: string;
name: string;
role?: string;
};
};
/** SSO enforcement */
enforcement: {
/** Require SSO for all team members */
required: boolean;
/** Grace period for existing users */
gracePeriod: number; // days
/** Allowed non-SSO users */
exceptions: string[]; // email addresses
};
}CLI Configuration Management
CLI-specific configuration and preferences:
/**
* CLI configuration settings
*/
interface CLIConfig {
/** User preferences */
preferences: {
/** Default output format */
defaultFormat: 'table' | 'json' | 'yaml';
/** Color output */
colorOutput: boolean;
/** Telemetry settings */
telemetry: {
enabled: boolean;
anonymizeIps: boolean;
shareUsageStats: boolean;
};
/** Update notifications */
updateNotifications: boolean;
};
/** Default values */
defaults: {
/** Default team/account */
defaultTeam?: string;
/** Default deploy context */
defaultContext: 'production' | 'deploy-preview' | 'branch-deploy' | 'dev';
/** Default functions directory */
functionsDir: string;
/** Default publish directory */
publishDir: string;
};
/** Alias and shortcuts */
aliases: Record<string, string>;
/** Plugin configuration */
plugins: Array<{
name: string;
version: string;
enabled: boolean;
config: Record<string, any>;
}>;
}