Getting started

The DALP CLI (@settlemint/dalp-cli) gives operators and integrators terminal access to a DALP instance.

Use the CLI to authenticate through the browser, store a platform API key locally, and run asset and identity commands. For automation, the CLI can return machine-readable output for scripts or AI agents.

Prerequisites

Before you start, you need:

• Node.js 20 or later, or Bun, on the machine where you run the CLI.
• The base URL of the DALP instance you want to manage.
• A user account that can sign in to that DALP instance and has access to the target organisation.

Installation

Install the CLI globally with npm:

npm install -g @settlemint/dalp-cli

Or install it globally with Bun:

bun add -g @settlemint/dalp-cli

After installation, the dalp command is available in your terminal.

Configure the platform URL

The login command needs a DALP instance URL. You can pass it each time:

dalp login --url https://dalp.example.com

For repeated use, save the URL once:

dalp config set apiUrl https://dalp.example.com
dalp login

You can also set the URL for the current shell session:

export DALP_URL=https://dalp.example.com
dalp login

Authenticate with device flow

The CLI uses the OAuth 2.0 Device Authorization Grant. You do not type your password into the terminal.

dalp login --url https://dalp.example.com

During login, the CLI:

1. Requests a device code from the DALP instance.
2. Opens the verification URL in your browser, or prints the URL and user code if the browser cannot open automatically.
3. Polls the DALP instance until you approve or deny the device request.
4. Uses the approved session to create a CLI API key.
5. Stores the API key locally for later commands.

The device code can expire before you approve it. If that happens, run dalp login again.

Verify your session

Run whoami after login:

dalp whoami

The command calls the authenticated user endpoint and returns the current user and active organisation. If no credentials are stored, authenticated commands fail with NOT_AUTHENTICATED and tell you to run dalp login.

Credential storage

The CLI stores credentials differently by operating system:

Logging out revokes the API key on the DALP instance and removes the local credentials:

dalp logout

Configuration sources

The CLI resolves configuration in this order:

Manage global configuration with dalp config:

# View all config
dalp config get

# View a single key
dalp config get apiUrl

# Set values
dalp config set format json
dalp config set defaultOrg my-org-slug

Output formats

Use --format when you need a specific output shape:

Set a default output format globally:

dalp config set format json

First commands to run

After login, start with read-only commands before running lifecycle actions:

# View your user profile and active organisation
dalp whoami

# List tokens in the system
dalp tokens list

# List users
dalp users list

# View system information
dalp system list

# Search across the platform
dalp search-results "bond"

Use --format json when you pipe the output into automation:

dalp tokens list --format json

Next steps

• Command reference lists commands and options.
• Scripting and automation explains how to use the CLI in scripts and CI pipelines.
• AI agent integration explains how to use the CLI with LLMs, MCP servers, and AI coding agents.