Get help on Discord

Using token authentication for Sanity CLI login

22 replies
Last updated: Nov 29, 2025
Hello. We are looking to use an automated system for deploying GraphQL schemas and studio, but we have some problems logging in to the CLI tool. Is it possible to use a token for logging in, or is it another method?
AI Update

Yes, it is absolutely possible to use a token for logging in to the Sanity CLI for automated deployments! This is actually the recommended approach for CI/CD environments.

Using Authentication Tokens

For automated systems like CI/CD pipelines, you should use the SANITY_AUTH_TOKEN environment variable instead of interactive login. Here's how:

1. Create a Deploy Token

First, create a deploy token in your Sanity project management dashboard. Navigate to your project settings to generate a token with appropriate permissions.

2. Set the Environment Variable

In your CI/CD environment, set the SANITY_AUTH_TOKEN environment variable with your token:

SANITY_AUTH_TOKEN=<your-deploy-token> sanity deploy

Or for schema deployment:

SANITY_AUTH_TOKEN=<your-deploy-token> sanity schema deploy

3. CI/CD Configuration Example

For automated deployments, you can configure your workflow like this:

// sanity.cli.ts
import {defineCliConfig} from 'sanity/cli'

export default defineCliConfig({
  api: {
    projectId: process.env.SANITY_STUDIO_PROJECT_ID,
    dataset: process.env.SANITY_STUDIO_DATASET,
  },
  studioHost: process.env.SANITY_STUDIO_HOSTNAME
})

Then in your CI/CD pipeline, ensure these environment variables are set:

  • SANITY_AUTH_TOKEN - Your deploy token (for authentication)
  • SANITY_STUDIO_PROJECT_ID - Your project ID
  • SANITY_STUDIO_DATASET - Your dataset name
  • SANITY_STUDIO_HOSTNAME - Your studio hostname (optional, for deployment)

Why Use Tokens?

According to the Sanity deployment documentation, the sanity deploy command normally uses your local user session for authentication, which won't be available in CI/CD workflows. The SANITY_AUTH_TOKEN environment variable solves this by providing programmatic authentication.

Common Use Cases

This token-based authentication works for:

  • Deploying Sanity Studio (sanity deploy)
  • Deploying GraphQL schemas (sanity graphql deploy)
  • Running migrations
  • Any other CLI operations that require authentication

The token-based authentication is secure and allows you to grant specific permissions without sharing user credentials. You can manage and revoke these tokens through your project settings at any time.

Show original thread
22 replies

Sanity – Build the way you think, not the way your CMS thinks

Sanity is the developer-first content operating system that gives you complete control. Schema-as-code, GROQ queries, and real-time APIs mean no more workarounds or waiting for deployments. Free to start, scale as you grow.

Get started for freeExplore the demo

Was this answer helpful?