Sentinel CLI.

The Sentinel CLI now in PUBLIC BETA — fast and token efficient Sentinel access from your terminal, with --json and --csv out everywhere.

40commands

9domains

Node 20+requires

kajeet-sentinel — v1.0.1

❯

/// Install

Install the CLI

Requires Node.js 20 or newer. macOS, Linux, and Windows are supported.

Quick installation for MacOS & Linux

curl -fsSL https://get.kajeet.dev/install.sh | sh
kajeet-sentinel --version

Quick Installation for Windows

npm install -g https://get.kajeet.dev/v1.0.1/kajeet-sentinel-cli-1.0.1.tgz
kajeet-sentinel --version

/// Authenticate

Authenticate

Sign in interactively, or wire up headless access for agents and CI.

Interactive login

kajeet-sentinel auth login

The CLI will open your browser so you can sign in securely with OAuth. Leave the terminal open while you complete login. When the browser says login is complete, return to the terminal and run kajeet-sentinel auth whoami to confirm.

Headless / API-key setup

echo "$SENTINEL_API_KEY" | kajeet-sentinel auth login --api-key -
kajeet-sentinel doctor --json

Pinned install for agents or CI

curl -fsSL https://get.kajeet.dev/install.sh | sh -s -- --version 1.0.1
kajeet-sentinel --version
kajeet-sentinel doctor --json

Discover commands

kajeet-sentinel help
kajeet-sentinel schema commands --json
kajeet-sentinel schema command devices.list --json

Update

curl -fsSL https://get.kajeet.dev/install.sh | sh

/// Command reference

Devices

Look up, list, and inspect devices and groups. Select a command for usage, flags, and sample output.

/// Global flags

Available on every command

Every command's help reports these four. They never conflict with command-specific flags.

--json

Output the standard JSON envelope.

--csv

Output as CSV. Only meaningful for commands with tabular output.

--corp <id>

Override the active corpId for this command.

--all

Paginate through all results. Only meaningful on list commands.

List & pagination flags

--limit <n>

Max records per request (1–1000). Ignored when --all is set.

--ndjson

Stream newline-delimited JSON records. Pairs with --all.

--max-records <n>

Cap the total number of records when paginating with --all.

/// For agents & scripts

JSON envelope & exit codes

Every command supports --json and returns the same envelope. Discover the full surface with schema commands, then fetch typed I/O with schema command <id>.

kajeet-sentinel devices totals --json

{
  "ok": true,
  "command": "devices.totals",
  "meta": { "durationMs": 344, "timestamp": "2026-06-01T01:09:33.986Z", "cliVersion": "1.0.1" },
  "account": { "corpId": "SUPPORT", "username": "you@example.com" },
  "request": { "backend": "api", "endpoint": "GET /v1.0/devices/{corpId}/totals" },
  "data": { "active": 1249, "suspended": 1, "total": 1250 }
}

exit 0

Success — data printed (or the JSON envelope has "ok": true).

exit 4

Permission denied — missing scope or feature not enabled for the corp.

exit 5

Not found — unknown command id or resource.

exit 6

Validation / upstream error — bad arguments or an API 4xx (see error.message).

/// Environment

Environment variables

Set these for headless runs and CI. Inspect what the CLI sees with kajeet-sentinel auth env.

SENTINEL_API_KEY

MCP API key for headless login (equivalent to piping into auth login --api-key -).

SENTINEL_API_URL

Override the Sentinel API base URL.

SENTINEL_AUTH_URL

Override the MCP auth base URL.

SENTINEL_TIMEOUT_MS

Per-request timeout in milliseconds.

SENTINEL_VERBOSE

Set to 1 to log HTTP request/response details to stderr.

Wire it into CI today.

Generate an MCP API key, drop it into your pipeline secrets as SENTINEL_API_KEY, and let your build server talk to Sentinel.

Free Trial SIM