Overview

Display information about your currently stored workspace token, including JWT ID (JTI), creation time, expiration date, and validation status.

Syntax

ntcli token show [options]

Options

--format
string
Output format for token informationDefault: text
Options: text, json
--show-token
boolean
Display the actual token value (use with extreme caution)Default: false
Security: Only use for debugging or emergency recovery

Examples

Standard Information

# Show current token information
ntcli token show
Output: 
Workspace Token Information
───────────────────────────
JTI:         jti_abc123def456
Created:     2024-08-07 10:30:00 UTC
Expires:     2025-08-07 10:30:00 UTC
Status:      Active
Workspace:   my-workspace-uuid

Token is valid and ready to use.

JSON Output

# Get token information in JSON format
ntcli token show --format json
Output: 
{
  "jti": "jti_abc123def456",
  "created_at": "2024-08-07T10:30:00Z",
  "expires_at": "2025-08-07T10:30:00Z", 
  "status": "active",
  "workspace_id": "my-workspace-uuid",
  "is_valid": true,
  "days_until_expiry": 365
}

Show Actual Token (Dangerous)

# Display the actual token value - USE WITH EXTREME CAUTION
ntcli token show --show-token
Output: 
⚠️  WARNING: Token value is displayed below. Keep it secure!

Workspace Token Information
───────────────────────────
JTI:         jti_abc123def456
Token:       wst_1234567890abcdef...
Created:     2024-08-07 10:30:00 UTC
Expires:     2025-08-07 10:30:00 UTC
Status:      Active
Workspace:   my-workspace-uuid
Security Risk: The --show-token flag displays your actual token value. Never use this in shared environments or save the output to files that might be committed to version control.

Token Status Information

Status Values

StatusDescription
ActiveToken is valid and can be used
ExpiredToken has passed its expiration date
InvalidToken format is invalid or corrupted
RevokedToken has been explicitly revoked

Time Information

  • Created: When the token was originally created
  • Expires: When the token will expire (“Never” for non-expiring tokens)
  • Days Until Expiry: Countdown to expiration (only in JSON format)

Workspace Association

The token is tied to a specific workspace UUID. If you switch workspaces, you’ll need a token for that workspace.

Monitoring and Automation

Check Token Expiration

# Check if token expires within 30 days
EXPIRES_IN=$(ntcli token show --format json | jq -r '.days_until_expiry // 999')
if [ "$EXPIRES_IN" -lt 30 ]; then
    echo "Token expires in $EXPIRES_IN days - consider refreshing"
fi

Validate Token Status

# Check if token is valid
if ntcli token show --format json | jq -e '.is_valid' >/dev/null; then
    echo "Token is valid"
else
    echo "Token needs refresh"
    ntcli token refresh
fi

Extract Token Information

# Get specific token fields
JTI=$(ntcli token show --format json | jq -r '.jti')
EXPIRES=$(ntcli token show --format json | jq -r '.expires_at')
echo "Token $JTI expires at $EXPIRES"

Troubleshooting Token Issues

Token Validation

The token show command validates your token and reports issues: 
# Check token health
ntcli token show
Possible validation results:
  • Valid: Token is active and working
  • Expired: Token has expired, use ntcli token refresh
  • Invalid Format: Token file is corrupted, use ntcli token refresh
  • Network Error: Cannot validate with server, check connectivity

Token File Location

Token Storage: Tokens are stored in your user configuration directory. The exact location varies by operating system.
PlatformToken Location
macOS~/.config/ntcli/
Linux~/.config/ntcli/
Windows%APPDATA%\ntcli\

Security Considerations

When to Show Token Value

Rarely Needed: You should almost never need to see the actual token value. The --show-token flag exists only for emergency debugging.
Use --show-token only when:
  • Debugging authentication issues with support
  • Manually configuring systems that can’t use ntcli directly
  • Recovering from configuration corruption

Safe Information Sharing

The following information from token show is safe to share:
  • ✅ JTI (JWT ID)
  • ✅ Creation and expiration dates
  • ✅ Workspace ID
  • ✅ Status information
The following should never be shared:
  • ❌ Actual token value (when using --show-token)

Error Handling

token refresh

Refresh current workspace token

token list

List all workspace tokens

token create

Create additional workspace tokens

workspace switch

Switch to different workspace