Skip to main content
The AI Stats CLI gives you a first-party terminal workflow for the AI Stats control plane. Use it when you want to:
  • sign in as a real AI Stats user from a local shell, remote shell, or agent runtime
  • create and rotate API keys or management keys
  • manage workspaces, presets, settings, and guardrails
  • use first-party CLI OAuth while user-owned OAuth apps remain in private testing
  • inspect models, providers, pricing, credits, activity, analytics, and generations

Install

npm install -g @ai-stats/cli

Check the installed version

aistats --version
aistats version
aistats version --json
  • aistats --version prints the installed version.
  • aistats version prints the version plus the recommended update command for the current package manager.
  • interactive runs also show an update hint when a newer published version is available.

Sign in

Start with: 
aistats login
The CLI supports two first-party flows:
  • Sign in with AI Stats: browser OAuth with authorization code + PKCE
  • Sign in with Device Code: best for SSH, CI, headless shells, and agent environments
You can force either path: 
aistats login --browser
aistats login --device-code
Remote and non-interactive environments automatically prefer device code.

Confirm who you are

aistats whoami
aistats whoami --json
This returns your current AI Stats user, scopes, active workspace, and available workspaces.

Create keys

aistats keys create --name "Local CLI Key"
aistats keys create --name "Agent Sandbox Key" --json
aistats keys current
Use --json when an agent or automation needs the raw created key once.

Manage workspaces and guardrails

aistats workspaces list
aistats workspaces members <workspace-id-or-slug>

aistats guardrails list
aistats guardrails create --name "Production Safety" --body-json '{"enabled":true}'
The CLI is intended to cover the useful parts of the AI Stats dashboard and management APIs from the terminal.

OAuth apps

User-created OAuth apps are coming soon. This release keeps OAuth client creation in private testing while the first-party AI Stats CLI uses the shared OAuth/OIDC foundation for browser sign-in, device code, token refresh, revoke, userinfo, and JWKS/discovery flows. Self-hosted or preview deployments keep third-party OAuth disabled unless AI_STATS_THIRD_PARTY_OAUTH_ENABLED is set to a truthy value. Accepted truthy values are 1, true, yes, and on, matched case-insensitively after trimming whitespace. Leave the variable unset while validating the first-party CLI path; enabling it exposes user-created OAuth app management and should only be paired with reviewed redirect URI, consent, client-secret, and workspace authorization configuration.
.env
AI_STATS_THIRD_PARTY_OAUTH_ENABLED=true
Docker
docker run -e AI_STATS_THIRD_PARTY_OAUTH_ENABLED=true ai-stats
Kubernetes
env:
  - name: AI_STATS_THIRD_PARTY_OAUTH_ENABLED
    value: "true"

Security model

  • CLI sessions prefer OS-backed secure storage where available.
  • aistats logout revokes the stored refresh token before clearing local state.
  • Management keys require explicit capabilities.
  • Regular inference keys rely on guardrails, routing policies, and workspace settings rather than a separate scope model.

Update

npm install -g @ai-stats/cli@latest

Next steps

Last modified on June 10, 2026