Setup, authentication, and configuration commands.
Bootstrap the full local demo stack with Docker/Podman.
flowplane init
No flags — the full demo stack (PostgreSQL + control plane + Envoy + flowplane-agent + httpbin) always boots. Pulls version-matched images from ghcr.io/rajeevramani/flowplane-{cp,agent}:<binary-version>, runs the D9 image pre-flight (local cache → registry probe), waits for /health within the D13 SLA (≤30s warm cache, ≤90s cold pull), saves credentials to ~/.flowplane/credentials. Auto-seeds org dev-org, team default, user dev@flowplane.local, and dataplane dev-dataplane. Works from any directory — no repo checkout or FLOWPLANE_SOURCE_DIR required.
flowplane initv0.2.4+: the pre-bead-2
--with-envoyand--with-httpbinflags are gone. Pass no flags; the full stack always boots. Useflowplane downto stop everything.
Stop the dev stack.
flowplane down [--volumes]
| Flag | Effect |
|---|---|
--volumes |
Remove persistent volumes (deletes database) |
flowplane down --volumesShow system overview or look up a specific listener.
flowplane status [<NAME>]
flowplane status
flowplane status demo-listenerRun diagnostic health checks.
flowplane doctor
View dev stack container logs.
flowplane logs [-f|--follow]
flowplane logs -fList all exposed services.
flowplane list
flowplane list
# Name Port Protocol
# -------------------------------------------------------
# demo 10001 HTTPAuthenticate with the control plane. In dev mode this is a no-op. In prod mode, opens a browser-based PKCE flow.
flowplane auth login [--device-code] [--callback-url <URL>] [--issuer <URL>] [--client-id <ID>]
| Flag | Effect |
|---|---|
--device-code |
Use device code flow instead of browser PKCE |
--callback-url <URL> |
Override the PKCE callback URL |
--issuer <URL> |
OIDC issuer URL (overrides config) |
--client-id <ID> |
OIDC client ID (overrides config) |
flowplane auth login
flowplane auth login --device-codePrint the current access token to stdout.
flowplane auth token
Show the authenticated identity, org, and team. In dev mode, shows the token type and truncated value (no real identity exists). In prod mode, shows user email, org, and team from JWT claims.
flowplane auth whoami
Clear stored credentials.
flowplane auth logout
Display current configuration from ~/.flowplane/config.toml.
flowplane config show [-o json|yaml|table]
Default output is yaml.
flowplane config show
flowplane config show -o jsonSet a configuration value.
flowplane config set <KEY> <VALUE>
| Key | Description |
|---|---|
token |
API authentication token |
base_url |
API base URL |
timeout |
Request timeout in seconds |
team |
Default team context |
org |
Default organization context |
oidc_issuer |
OIDC issuer URL (prod mode) |
oidc_client_id |
OIDC client ID (prod mode) |
callback_url |
PKCE callback URL (prod mode) |
flowplane config set team engineering
flowplane config set base_url http://flowplane.internal:8080Create a default configuration file at ~/.flowplane/config.toml.
flowplane config init [--force]
| Flag | Effect |
|---|---|
--force |
Overwrite existing config file |
flowplane config initPrint the config file path.
flowplane config path
Admin commands for managing the PostgreSQL schema. These connect directly to the database (requires FLOWPLANE_DATABASE_URL env var), not through the API.
Run pending migrations.
flowplane database migrate [--dry-run]
flowplane database migrate --dry-runShow migration status.
flowplane database status
List all applied migrations.
flowplane database list
Validate database schema integrity.
flowplane database validate