# Requesting Access with CLI

{% hint style="success" %}
We launched the Access Assistant MCP Server - request the access you need from your favorite AI Tool - Claude, Copilot, VSCode, and others. Learn more [here](/docs/access-requests-and-approvals/apono-assist-mcp-server.md).
{% endhint %}

The Apono CLI enables you to view, request, and receive permission to services, databases, and applications that are centrally managed via Apono.

***

### Prerequisites

<table><thead><tr><th width="193">Item</th><th>Description</th></tr></thead><tbody><tr><td><strong>Apono Account</strong></td><td>Grantee access to Apono<br><br>You can verify that you have access by going to the <a href="https://portal.apono.io/">Apono Portal</a> or contacting your administrator to obtain a user account.</td></tr><tr><td><strong>Access Flow Grantee</strong></td><td><p>Inclusion in at least one <a href="/pages/mIVm6DxVw9MwkE8UFHX7">access flow</a></p><p>Contact your administrator for more information.</p></td></tr></tbody></table>

***

### Log in to Apono

Before you can make access requests via the Apono CLI, you must log in to your Apono account.

Follow these steps to log in:

1. In Terminal, initiate logging in to your Apono account. The Apono UI login screen will open in a new web browser tab.

   ```shell
   apono login
   ```
2. In the web browser tab, log in to your Apono account. After successfully logging in to your account, the **Authorized** page will appear.
3. Close the browser tab.

***

### Request new access

You can request access to specific resources or a bundle.

{% hint style="success" icon="lightbulb" %}
Since requests for different integrations have specific requirements, we recommend the following steps:

1. Use the interactive approach explained below to make an initial integration request.
2. Create and save an alias with the request command displayed in the CLI.
   {% endhint %}

{% tabs %}
{% tab title="Request by Integration" %}
{% hint style="info" %}
When making selections for each prompt, note the following:

* If a specific prompt only has one associated option, that option will automatically be chosen and the next prompt will appear.
* Use the arrow keys on your keyboard to highlight an option.
* If a prompt accepts multiple options, use the spacebar to select one or several of the options.
* Use the Enter or Return key on your keyboard to submit an entry.
  {% endhint %}

Follow these steps to request access to an integration:

1. [Log in to Apono](https://docs.google.com/document/d/1QHVQM0YnbW5qnGBcJgLFkNZhP5qovAn0nviop1S_gtw/edit?tab=t.0#heading=h.11u5417cofp0).
2. In Terminal, enter `apono`. The **What do you want to do?** prompt appears.

```shellscript
apono
```

3. Select and submit **Request new access**. The **Select request type** prompt appears.
4. Select and submit **Integration**. The **Select integration** prompt appears.
5. Select and submit an integration. The **Select resource type** prompt appears.
6. Select and submit a resource type. A prompt listing available resources appears.
7. Select and submit one or more resources. The **Select permissions** prompt appears.
8. Select and submit a permission. The **Enter duration in hours** prompt appears.
9. Enter and submit a time duration. The **Enter Justification** prompt appears.

{% hint style="info" %}
You can enter minutes as a decimal portion of an hour. For example, 45 minutes as *0.75*.
{% endhint %}

10. Enter and submit a reason for requesting access. A response is displayed with a notice and status of the access request.
11. (Optional) Copy and save the notice that displays the command to make the same request again.

{% hint style="success" icon="lightbulb" %}
You can run `alias <MY-COMMAND-NAME>='<APONO-COMMAND>'` to save the Apono command as a shell alias to request access again.

This alias is temporary. To persist it, add it to your shell configuration file, such as `~/.zshrc` or `~/.bashrc`.
{% endhint %}

If enabled by your admin, you will receive a notification via Slack or Microsoft Teams. Otherwise, the notification will be delivered by email.
{% endtab %}

{% tab title="Request by Bundle" %}
{% hint style="info" %}
When making selections for each prompt, note the following:

* If a specific prompt only has one associated option, that option will automatically be chosen and the next prompt will appear.
* Use the arrow keys on your keyboard to highlight an option.
* If a prompt accepts multiple options, use the spacebar to select one or several of the options.
* Use the Enter or Return key on your keyboard to submit an entry.
  {% endhint %}

Follow these steps to request access to a bundle:

1. [Log in to Apono](https://docs.google.com/document/d/1QHVQM0YnbW5qnGBcJgLFkNZhP5qovAn0nviop1S_gtw/edit?tab=t.0#heading=h.11u5417cofp0).
2. In Terminal, enter `apono`. The **What do you want to do?** prompt appears.

```shellscript
apono
```

3. Select and submit **Request new access**. The **Select request type** prompt appears.
4. Select and submit **Bundle**. The **Select bundle** prompt and list of bundles appears.
5. Select and submit a bundle. The **Enter duration in hours** prompt appears.
6. Enter and submit a time duration. The **Enter Justification** prompt appears.

{% hint style="info" %}
You can enter minutes as a decimal portion of an hour. For example, 45 minutes as *0.75*.
{% endhint %}

7. Enter and submit your reason for bundle access. A response is displayed with a notice and status of the access request.
8. (Optional) Copy and save the notice that displays the command to make the same request again.

{% hint style="success" icon="lightbulb" %}
You can run `alias <MY-COMMAND-NAME>='<APONO-COMMAND>'` to save the Apono command as a shell alias to request access again.

This alias is temporary. To persist it, add it to your shell configuration file, such as `~/.zshrc` or `~/.bashrc`.
{% endhint %}

If enabled by your admin, you will receive a notification via Slack or Microsoft Teams. Otherwise, the notification will be delivered by email.
{% endtab %}
{% endtabs %}

***

### Request access again

If your access has expired, been revoked, or been rejected, you can request the same access again.

Follow these steps to request access again:

1. [Log in to Apono](#log-in-to-apono).
2. In Terminal, enter the command that was displayed when you submitted your original request. The following is an example integration request.

{% code overflow="wrap" %}

```shellscript
apono requests create --integration "aws-account/AWS-account-Playground-integration" --resource-type "aws-account-s3-bucket" --permissions "READ_ONLY" --resources "arn:aws:s3:::playground-env-terraform-01-state" --duration 7m22.8s --justification "Testing"
```

{% endcode %}

{% hint style="success" icon="lightbulb" %}
If you previously saved the post-request command as a shell alias, you can run the alias instead.
{% endhint %}

If enabled by your admin, you will receive a notification via Slack or Microsoft Teams. Otherwise, the notification will be delivered by email.

***

### View requests

You can view your open and closed requests.

<figure><img src="/files/A9VcnIioWYPvs3MAzHim" alt=""><figcaption></figcaption></figure>

Follow these steps to view your requests:

1. [Log in to Apono](#log-in-to-apono).
2. In Terminal, enter `apono requests list` at the prompt. A list of your recent requests will be displayed.

{% code overflow="wrap" %}

```shellscript
apono requests list
```

{% endcode %}

***

### Revoke an access request

If you need to revoke your access, you must revoke access through one of the following clients:

* [Slack](https://docs.apono.io/docs/access-requests-and-approvals/slack/requesting-access-with-slack#revoke-an-access-request)
* [Teams](https://docs.apono.io/docs/access-requests-and-approvals/teams/requesting-access-with-teams#revoke-an-access-request)
* [Backstage](https://docs.apono.io/docs/access-requests-and-approvals/backstage/requesting-access-with-web-portal#revoke-an-access-request)
* [Web Portal](https://docs.apono.io/docs/access-requests-and-approvals/web-portal/requesting-access-with-web-portal#revoke-an-access-request)

***

### Access Statuses

<table><thead><tr><th width="189">Status</th><th>Description</th></tr></thead><tbody><tr><td><strong>Pending Approval</strong></td><td>The request is waiting for the approver to approve or reject the request.</td></tr><tr><td><strong>Granting</strong></td><td>The request has been approved. Apono is provisioning the access.</td></tr><tr><td><strong>Active</strong></td><td><p>Access has been provisioned. You can access the resource.</p><p>Follow these steps to access the resource:</p><ol><li>In Terminal, enter <code>apono access</code>. The Select access prompt and a list of resources appears.</li><li>Select and submit the resource to access.The <strong>Select how to use access</strong> prompt appears.</li><li>Select and submit <strong>Connect</strong>.</li></ol></td></tr><tr><td><strong>Rejected</strong></td><td>The request has been rejected either automatically or by approvers.</td></tr><tr><td><strong>Revoking</strong></td><td>An admin has initiated removing your resource access.</td></tr><tr><td><strong>Revoked</strong></td><td>An admin has removed your resource access.</td></tr><tr><td><strong>Failed</strong></td><td><p>An error has occurred with your request. Contact your admin.</p><div data-gb-custom-block data-tag="hint" data-style="warning" class="hint hint-warning"><p>Requests pending approval for over 7 days become Failed automatically.</p></div></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.apono.io/docs/access-requests-and-approvals/cli/requesting-access-with-cli.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.