> ## Documentation Index
> Fetch the complete documentation index at: https://docs.opal.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# CLI Changelog

> Learn about notable changes to the Opal CLI.

See the [npm package](https://www.npmjs.com/package/opal-security) for changes released prior to version 3.2.1. This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## 5.1.2

* Added `--openBrowser` flag to session creation commands to automatically open the browser without prompting for confirmation. This is useful for automation and CI/CD workflows.

## 5.1.1

* Fixed issue preventing Postgres and Kubernetes sessions from starting

## 5.1.0

* Removed device code flow as option for authentication

## 5.0.1

* Improved MFA and OIDC Authentication flows to poll on completion and no longer rely on cached sessions. This change requires Opal 1.1087.0 or later.

## 4.1.0

* Temporarily re-add `curl-example` command.
* Change Auth Code flow to use port 49152 instead of 8080, with 49153 and 49154 as fallbacks.

## 4.0.3

* Backwards-compatibility fix to ensure users with config files from previous CLI versions can still login correctly.

## 4.0.2

* `opal login` defaults to using the [authorization code flow with PKCE](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-pkce) for authentication by default.
* Logging in with the previous [device authorization flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow) now requires the `--device-code` or `-d` flag.
* User now has to explicitly press enter before browser is opened for browser based authentication.
* Add new `set-auth-config` and `clear-auth-config` commands. These allow setting/clearing the user's organization ID, auth client ID, and auth issuer
* Remove `set-auth-provider` and `clear-auth-provider`. Functionality for these have been subsumed into the new commands.
* When a user sets `organizationID` and `clientID` via `set-auth-config`, then `opal login` will no longer prompt the user to select an org.

## 3.2.4

* Resolved an issue where the `opal request create` command failed to retrieve all available assets when a connection had more than 100 requestable items. The command now correctly handles pagination to display all requestable assets, regardless of quantity.

## 3.2.3

* Eliminated noisy third party deprecation warnings in CLI outputs for cleaner command-line experience

## 3.2.2

* Added new `--bundle` flag to the `opal request create` command, allowing users to create requests based on assets in an existing bundle
* Added new`--template` flag to the `opal request create` command, allowing users to create new access requests based on previous ones with requested
* Added more descriptive error messaging in `opal request create`
* Print URL link to authentication page in browser if `opal login` does not open browser automatically

## 3.2.1

Introduced on 2025-06-13.

* New request experience in CLI:
  * `opal request create` starts an interactive experience to create an access request in Opal, or users can pass in appropriate flags to bypass the interactivity
  * `opal request get --id` retrieves data about a certain request id including its status
  * `opal request list` retrieves data about the user's 10 most recent outgoing access requests

* New command `opal whoami`:
  * Returns information about the current setup, including the set Opal server URL, organization name, and actively logged-in user email, if any.

***