Login with ChatGPT
The login-with-chatgpt command allows you to authenticate with the Cosine CLI using your existing ChatGPT subscription. This feature enables direct routing to OpenAI’s Codex models, billing usage through your existing OpenAI account.
Supported Subscriptions
Section titled “Supported Subscriptions”This authentication method works with:
- Personal subscriptions: ChatGPT Plus and ChatGPT Pro
- Organization subscriptions: ChatGPT Business and ChatGPT Enterprise
Interactive Browser Flow (Recommended)
Section titled “Interactive Browser Flow (Recommended)”Run the command and let it automatically open your browser:
cos login-with-chatgpt- Your browser will open to the OpenAI OAuth authorization page
- Sign in with your OpenAI account (or select your organization)
- Authorize Cosine CLI to access your account
- You’ll be redirected back to confirm successful authentication
Manual Flow (No Browser)
Section titled “Manual Flow (No Browser)”If you prefer not to open a browser automatically or are in a headless environment:
cos login-with-chatgpt --no-browser- The CLI will display a URL for you to open manually
- Complete the OAuth flow in your browser
- Copy the final redirect URL from your browser’s address bar
- Paste it back into the CLI prompt
How It Works
Section titled “How It Works”When you authenticate with login-with-chatgpt:
- OAuth PKCE Flow: The CLI uses the OAuth 2.0 Authorization Code flow with PKCE for secure authentication
- Token Storage: Your access token, refresh token, and account ID are securely stored in
~/.cosine/auth.openai.jsonwith 0600 permissions - Automatic Refresh: When your access token nears expiration, the CLI automatically refreshes it using your refresh token
- Direct Inference: Future
coscommands use your OpenAI OAuth token for direct inference to OpenAI’s Codex models
Configuration
Section titled “Configuration”After login, your configuration is automatically updated:
[auth.openai]auth_method = "oauth"
[config]logged_in_with_openai = trueSwitching Authentication Methods
Section titled “Switching Authentication Methods”The CLI supports multiple authentication methods. To switch between them:
- Cosine Account: Use
cos loginto authenticate with your Cosine account - ChatGPT Subscription: Use
cos login-with-chatgptto use your OpenAI subscription
Troubleshooting
Section titled “Troubleshooting””No OpenAI OAuth tokens found”
Section titled “”No OpenAI OAuth tokens found””If you see this error when running commands:
no OpenAI OAuth tokens found; run 'cos login-with-chatgpt'Run the login command again to refresh your authentication.
Automatic Fallback
Section titled “Automatic Fallback”If your OpenAI OAuth tokens expire or become invalid, the CLI will automatically:
- Display a warning message in the logs
- Disable OpenAI OAuth authentication
- Fall back to the default Cosine inference endpoint
- Continue working without crashing
You can re-enable OpenAI OAuth by running:
cos login-with-chatgptState Mismatch Errors
Section titled “State Mismatch Errors”If you encounter a “state mismatch” error during the manual flow:
- Ensure you complete the OAuth flow promptly (state expires after 10 minutes)
- Copy the complete redirect URL including all query parameters
- Try the browser flow instead if issues persist
Token Refresh Failures
Section titled “Token Refresh Failures”If token refresh fails:
- Re-run
cos login-with-chatgptto obtain fresh tokens - Check your network connection
- Verify your OpenAI subscription is active
Security
Section titled “Security”- Tokens are stored with file permissions 0600 (readable only by your user)
- PKCE (Proof Key for Code Exchange) protects against authorization code interception attacks
- State parameters prevent CSRF attacks
- No credentials are ever logged or transmitted to Cosine servers when using this auth method
See Also
Section titled “See Also”- Install & Authenticate - General CLI authentication options
- Configuration - Detailed configuration reference