Skip to content

feat(cli): add auth login --anonymize flag#415

Open
anttiviljami wants to merge 1 commit into
mainfrom
claude/cli-auth-anonymize
Open

feat(cli): add auth login --anonymize flag#415
anttiviljami wants to merge 1 commit into
mainfrom
claude/cli-auth-anonymize

Conversation

@anttiviljami

Copy link
Copy Markdown
Member

Summary

Adds epilot auth login --anonymize, mirroring the existing --readonly flag, to force anonymize mode when minting a CLI token. A session authorized with the flag receives a token carrying the anonymize claim, so entity-api masks personal data in every response to that token and the session cannot switch it off.

  • auth login: new --anonymize flag, a notice line when set, and anonymize=true appended to the browser login URL.
  • auth (status): shows Data: anonymized when the active token carries the claim.

The login URL param is already consumed by the login portal (epilot360-login !170), which reads anonymize=true to check + lock the Anonymize option and mint the token with the claim. No further epilot360-login change is required — this CLI flag completes the chain.

Backend: claim minted by access-token-api, enforced by entity-api via @epilot/anonymization.

Test plan

  • --anonymize appears in epilot auth login --help
  • Login URL includes &anonymize=true only when the flag is set (mirrors --readonly)
  • Changed files typecheck clean and pass biome (pre-existing src/lib/call.ts / profiles.ts type errors and call.test.ts failures are unrelated and present on main)
  • Manual: epilot auth login --anonymize, complete browser login, run epilot auth and confirm Data: anonymized

🤖 Generated with Claude Code


Generated by Claude Code

Mirror the existing --readonly flag to force anonymize mode when minting a CLI
token. The flag appends anonymize=true to the browser login URL, which the
login portal (epilot360-login) reads to check + lock the Anonymize option and
mint a token carrying the anonymize claim. entity-api then masks personal data
in every response to that token.

- auth login: --anonymize flag, notice line, anonymize=true login-URL param
- auth (status): show 'Data: anonymized' when the token carries the claim

Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants