{"id":19879983,"url":"https://github.com/passbolt/go-passbolt-cli","last_synced_at":"2026-01-12T01:55:38.717Z","repository":{"id":39622079,"uuid":"404273568","full_name":"passbolt/go-passbolt-cli","owner":"passbolt","description":"A CLI tool to interact with Passbolt, a Open source Password Manager for Teams ","archived":false,"fork":false,"pushed_at":"2025-12-24T15:09:05.000Z","size":272,"stargazers_count":103,"open_issues_count":17,"forks_count":25,"subscribers_count":3,"default_branch":"main","last_synced_at":"2026-01-03T05:15:13.074Z","etag":null,"topics":["cli","passbolt"],"latest_commit_sha":null,"homepage":"https://passbolt.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/passbolt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-09-08T08:42:09.000Z","updated_at":"2025-12-31T10:54:15.000Z","dependencies_parsed_at":"2023-12-19T16:02:29.973Z","dependency_job_id":"6152e1a7-f6f4-4a6a-9752-5679d5625afd","html_url":"https://github.com/passbolt/go-passbolt-cli","commit_stats":{"total_commits":135,"total_committers":9,"mean_commits":15.0,"dds":0.4222222222222223,"last_synced_commit":"d9703ff6fd15d564d5112d95ac099b561d057af4"},"previous_names":["speatzle/go-passbolt-cli"],"tags_count":24,"template":false,"template_full_name":null,"purl":"pkg:github/passbolt/go-passbolt-cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Fgo-passbolt-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Fgo-passbolt-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Fgo-passbolt-cli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Fgo-passbolt-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/passbolt","download_url":"https://codeload.github.com/passbolt/go-passbolt-cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Fgo-passbolt-cli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28331318,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T00:36:25.062Z","status":"ssl_error","status_checked_at":"2026-01-12T00:36:15.229Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","passbolt"],"created_at":"2024-11-12T17:09:55.534Z","updated_at":"2026-01-12T01:55:38.706Z","avatar_url":"https://github.com/passbolt.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# go-passbolt-cli\n\nA CLI tool to interact with [Passbolt](https://www.passbolt.com), an open source password manager for teams.\n\nIf you want to do something more complicated: [this Go module](https://github.com/passbolt/go-passbolt) to interact with Passbolt from Go might interest you.\n\nDisclaimer: This project is community driven and not associated with [Passbolt SA](https://www.passbolt.com/about).\n\n# Install\n\n## Via Repository (Preferred):\n[![Packaging status](https://repology.org/badge/vertical-allrepos/passbolt-cli.svg)](https://repology.org/project/passbolt-cli/versions)\n\nUse the package from your distros official repository.\n\n## Via Package:\n\nDownload the deb/rpm package for your distro and architecture from the latest release.\n\nInstall via your distros package manager like `dpkg -i`.\n\n## Via Homebrew\n\n brew install passbolt/tap/go-passbolt-cli\n\n## Via Archive:\n\nDownload and extract the archive for your OS and architecture from the latest release.\n\nNote: Tab completion and manpages will need to be installed manually.\n\n## Via Go:\n\n go install github.com/passbolt/go-passbolt-cli@latest\n\nNote: This will install the binary as `go-passbolt-cli`. Also, tab completion and manpages will be missing.\n\n# Getting Started\n\nFirst, you need to set up basic information:\n\n- The server address,\n- your private key\n- and your password/passphrase.\n\nYou have these options:\n\n- Save it in the config file using\n \n```\npassbolt configure --serverAddress https://passbolt.example.org --userPassword '1234' --userPrivateKeyFile 'keys/privatekey.asc' \n```\n\nor\n\n```\npassbolt configure --serverAddress https://passbolt.example.org --userPassword '1234' --userPrivateKey '-----BEGIN PGP PRIVATE KEY BLOCK-----' \n```\n\n- Set up environment variables\n- Provide the flags manually every time\n\nNotes:\n\n- You can set the private key using the flags `--userPrivateKey` or `--userPrivateKeyFile` where `--userPrivateKey` takes the actual private key and `--userPrivateKeyFile` loads the content of a file as the private key, `--userPrivateKeyFile` overwrites the value of `--userPrivateKey`.\n- You can also just store the `serverAddress` and your private key. If your password is not set it will prompt you for it every time.\n- Passwordless private keys are not supported.\n- MFA settings can also be saved permanently this way.\n\n# Usage\n\nGenerally, the structure of commands are like this:\n\n```bash\npassbolt action entity [arguments]\n```\n\n`action` is the action you want to perform like creating, updating or deleting an entity.\n`entity` is a resource (e.g. password), folder, user or group that you want to apply an action to.\n\nIn Passbolt a password is usually referred to as a \"resource\".\n\nTo create a resource you can do the following, which will return the ID of the newly created resource:\n\n```bash\npassbolt create resource --name \"Test Resource\" --password \"Strong Password\"\n```\n\nYou can then list all users:\n\n```bash\npassbolt list user\n```\n\nNote: You can adjust which columns should be listed using the flag `--column` or its short from `-c`,\nif you want multiple column then you need to specify this flag multiple times.\n\nFor sharing, we will need to know how we want to share, for that there are these permission types:\n\n| Code | Meaning | \n|------|----------------------------| \n| `1` | Read-only | \n| `7` | Can update | \n| `15` | Owner |\n| `-1` | Delete existing permission | \n\nNow, that we have a resource ID, know the IDs of other users and know about permission types, we can share the resource with them:\n\n```bash\npassbolt share resource --id id_of_resource_to_share --type type_of_permission --user id_of_user_to_share_with\n```\n\nNote: You can supply the users argument multiple times to share with multiple users.\n\nFor sharing with groups the `--group` argument exists.\n\n# MFA\n\nYou can set up MFA also using the configuration sub command. Only TOTP is supported. There are multiple modes for MFA: `none`, `interactive-totp` and `noninteractive-totp`.\n\n| Mode | Description |\n|-----------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `none` | just errors if challenged for MFA. |\n| `interactive-totp` | prompts for interactive entry of TOTP Codes. |\n| `noninteractive-totp` | automatically generates TOTP codes when challenged. It requires the `mfaTotpToken` flag to be set to your TOTP secret. You can configure the behavior using the `mfaDelay`, `mfaRetrys` and `mfaTotpOffset` flags |\n\n# Server Verification\n\nTo enable server verification, you need to run `passbolt verify` once, after that the server will always be verified if the same config is used.\n\n# Scripting\n\nFor scripting we have a `-j` or `--json` flag to convert the output for the `create`, `get` and `list` commands to JSON for easier parsing in scripts.\n\nNote: The JSON output does not cover error messages. You can detect errors by checking if the exit code is not 0.\n\n# Exposing Secrets to Subprocesses\n\nThe `exec` command allows you to execute another command with environment variables that reference secrets stored in Passbolt.\nAny environment variables containing `passbolt://` references are automatically resolved to their corresponding secret values\nbefore the specified command is executed. This ensures that secrets are securely injected into the child process's environment\nwithout exposing them to the parent shell.\n\nFor example:\n\n```bash\nexport GITHUB_TOKEN=passbolt://\u003cPASSBOLT_RESOURCE_ID_HERE\u003e\npassbolt exec -- gh auth login\n```\n\nThis would resolve the `passbolt://` reference in `GITHUB_TOKEN` to its actual secret value and pass it to the GitHub process.\n\n# Documentation\n\nUsage for all subcommands is [here](https://github.com/passbolt/go-passbolt-cli/wiki/passbolt).\nAnd is also available via `man passbolt`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpassbolt%2Fgo-passbolt-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpassbolt%2Fgo-passbolt-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpassbolt%2Fgo-passbolt-cli/lists"}