esc login | CLI commands
Log in to the Pulumi Cloud
Synopsis
Log in to the Pulumi Cloud.
The Pulumi Cloud manages your Pulumi ESC environments. Simply run
$ esc login
and this command will prompt you for an access token, including a way to launch your web browser to
easily obtain one. You can script by using PULUMI_ACCESS_TOKEN environment variable.
By default, this will log in to the managed Pulumi Cloud backend. If you prefer to log in to a self-hosted Pulumi Cloud backend, specify a URL. For example, run
$ esc login https://api.pulumi.acmecorp.com
to log in to a self-hosted Pulumi Cloud running at the api.pulumi.acmecorp.com domain.
For https:// URLs, the CLI will speak REST to a Pulumi Cloud that manages state and concurrency control.
You can specify a default org to use when logging into the Pulumi Cloud backend or a self-hosted Pulumi Cloud.
esc login [<url>] [flags]
Options
-c, --cloud-url string A cloud URL to log in to
--default-org string A default org to associate with the login.
-h, --help help for login
--insecure Allow insecure server connections when using SSL
--oidc-expiration string The expiration for the cloud backend access token in duration format (e.g. '15m', '24h')
--oidc-org string The organization to use for OIDC token exchange audience
--oidc-team string The team when exchanging for a team token
--oidc-token string An OIDC token to exchange for a cloud backend access token. Can be either a raw token or a file path prefixed with 'file://'.
--oidc-user string The user when exchanging for a personal token
--shared Log in to the account in use by the pulumi CLI
SEE ALSO
- esc - Pulumi ESC command line
Auto generated by spf13/cobra on 26-Dec-2025
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.