# Sinch CLI

The Sinch CLI handles the full lifecycle: create from template, develop locally, deploy to production, and manage running functions.

The CLI is two things in one binary:

**A Sinch developer tool** — rent numbers, send SMS and fax, configure voice apps, manage SIP trunks, handle number porting. No Function required.

**A Functions toolchain** — scaffold from templates, run locally, deploy to production, stream logs, inspect deployed state.

## What it does

- **Functions** — create, deploy, develop locally, stream logs, download, delete
- **Templates** — browse and initialize from pre-built templates (Node.js, C#)
- **Voice** — manage voice applications and callback URLs, make outbound calls (TTS, conference, custom SVAML), control in-progress calls, manage conferences
- **Numbers** — search, rent, and manage phone numbers
- **Porting** — port existing phone numbers in and out of Sinch
- **Conversation** — send messages (SMS, WhatsApp, Messenger, etc.), manage apps, contacts, webhooks
- **Fax** — send faxes, check status
- **SIP Trunking** — manage trunks, endpoints, ACLs, credential lists
- **Secrets** — store API keys and credentials in the OS keychain
- **[Function utilities](/docs/functions/cli/commands/function-utilities)** — inspect deployed function database, storage, status; generate docs; manage developer skills


## Installation


```sh
npm install -g @sinch/cli
```

## Configuration

Configuration is stored in `~/.sinch/config.json`. Use `sinch config set` or `sinch auth login` to update values.

| Field | Description |
|  --- | --- |
| `projectId` | Your Sinch project ID |
| `apiUrl` | SinchFunctions API URL (defaults to production) |
| `keyId` | Public key identifier (non-secret) |
| `defaultApplicationKey` | Voice application key (non-secret) |


## Authentication

Authentication uses your Sinch API key credentials (Key ID + Key Secret from the [Sinch Dashboard](https://dashboard.sinch.com) under Project > Access Keys).

On login, the CLI:

1. Accepts your Key ID and Key Secret
2. Exchanges them for an OAuth 2.0 access token
3. Stores credentials securely in the OS keychain
4. Automatically refreshes the OAuth token on expiry


Voice application credentials (Application Key + Application Secret) are optional and only required for voice callback commands.

### Environment variable override

For CI/CD pipelines, bypass the keychain with environment variables:


```sh
SINCH_PROJECT_ID=...
SINCH_KEY_ID=...
SINCH_KEY_SECRET=...
```

## Config profiles

Profiles let you switch between multiple Sinch projects without re-authenticating.


```sh
sinch config profile create staging    # create a new profile
sinch config profile use staging       # switch to it
sinch config profile list              # show all profiles
sinch config profile delete staging    # remove a profile
```

Use `--profile <name>` on any command to override the active profile for that invocation.

## Global flags

| Flag | Description |
|  --- | --- |
| `-h, --help` | Show help for the current command |
| `-V, --version` | Print CLI version |
| `--profile <name>` | Use a specific credential profile |


## Debug environment variables

| Variable | Effect |
|  --- | --- |
| `DEBUG=1` | Enable verbose debug logging |
| `DEBUG_HTTP=1` | Log HTTP requests and responses |
| `SINCH_DEBUG=1` | Print stack traces on uncaught errors |


## Quick start


```sh
sinch auth login                  # authenticate
sinch templates list              # browse available templates
sinch functions init              # create a function
sinch functions dev               # start local dev server
sinch voice applications callbacks set <url>  # point your Voice app at your function
sinch functions deploy            # deploy to production
sinch functions logs --follow     # stream live logs
```