Sanity CLI login fails in GitHub Codespaces due to localhost callback

3 replies

Last updated: Nov 29, 2025

Hi,
I'm running into a slightly annoying blocker. Most operations with the sanity CLI require you to login before usage. However, I'm working in a Github Codespace.

 bun run sanity deploy
The CJS build of Vite's Node API is deprecated. See <https://vite.dev/guide/troubleshooting.html#vite-cjs-node-api-deprecated> for more details.

Error: You must login first - run "sanity login"
    at /workspaces/mono/node_modules/@sanity/cli/lib/_chunks-cjs/cli.js:7049:13
    at Object.deployStudioAction [as default] (/workspaces/mono/node_modules/sanity/lib/_chunks-cjs/deployAction.js:21:167)
error: "sanity" exited with code 1

Codespaces proxy localhost and therefore the login callback is incorrect when open the login URL on my local pc

bun run sanity login
? Login type Google

Please open a browser at <https://api.sanity.io/v1/auth/login/google?type=token&label=codespaces-><>Linux&origin=http%3A%2F%2Flocalhost%3A4321%2Fcallback
Waiting for browser login to complete... Press Ctrl + C to cancel

I've tried to set

SANITY_AUTH_TOKEN

in my env but it still asks me to login all the time. I don't see an obvious way to resolve this. I can't even generate a project from template because it asks for login.

AI Update

Good news - you're on the right track with SANITY_AUTH_TOKEN! This is exactly how you authenticate the Sanity CLI in non-interactive environments like GitHub Codespaces. Here's how to solve this:

Creating an Authentication Token

You need to create a robot token (not a personal token) in your Sanity project:

Go to manage.sanity.io
Select your project
Navigate to Settings → API → Tokens
Click Add new token
Give it a descriptive name (like "GitHub Codespaces")
Choose the appropriate permissions:
- For sanity deploy: You need at least Deploy Studio permissions
- For general development: Editor or Administrator depending on your needs
Copy the token immediately (you won't be able to see it again)

Using the Token in Codespaces

Once you have the token, set it as an environment variable in your Codespace:

export SANITY_AUTH_TOKEN="your-token-here"

To make it persist across Codespace sessions, add it to your Codespace secrets at the repository or user level.

Running Commands

Once SANITY_AUTH_TOKEN is set, the CLI should automatically pick it up and skip the interactive login:

bun run sanity deploy

The CLI will detect the environment variable and use it for authentication without trying to open the browser-based OAuth flow.

Important Notes

Token scope: Make sure your token has sufficient permissions for the operations you need (deploy, dataset access, etc.)
Security: Never commit tokens to your repository - always use environment variables or secrets management
Token lifetime: Robot tokens last until deleted, unlike personal tokens which expire after one year
CI/CD: This same approach works for GitHub Actions and other CI/CD environments

According to the Sanity authentication documentation, robot tokens are specifically designed for applications and non-interactive environments like yours, making them perfect for Codespaces where the localhost callback won't work. The docs explain that while personal tokens are for individual users, robot tokens are the right choice for "applications and third-party services" - which includes development environments like Codespaces.

Show original thread

3 replies

Sanity – Build the way you think, not the way your CMS thinks

Sanity is the developer-first content operating system that gives you complete control. Schema-as-code, GROQ queries, and real-time APIs mean no more workarounds or waiting for deployments. Free to start, scale as you grow.

Get started for free Explore the demo