Help Center / Connect Apps and Channels
How-toSet Up the Operator CLI for Your Team
Set up the CLI, add a team token, and check workspace access.
Before You Start
Use the Operator CLI when a trusted teammate or automation runner needs command-line access to the same Agentic Workers organization that owns your Super Agent, team agents, integrations, schedules, and traces. A trace is the step-by-step run log for an agent request.
You need owner or admin-approved access to the Team workspace, permission to generate an organization token, and a workstation or runner where you can keep secrets out of source control.
Decide who owns the token before setup. Treat it like a password because it can operate inside your organization. Do not paste it into public chats, screenshots, pull requests, or shared documents.
Install the CLI
Install the Operator CLI on the machine that will run team operations. Use your team's approved package source or the install command shown in the Agentic Workers Operator CLI page.
After installation, run the CLI help command to confirm the binary is on your PATH. If a shell cannot find the command, reopen the terminal or add the install directory to PATH before continuing.
For shared automation, install the CLI under the service account that will run the job. A personal laptop setup is useful for testing, but production jobs should run from a controlled runner with clear ownership.
Create and Store the Team Token
Open the Team workspace in Agentic Workers, go to the Operator CLI or organization token area, and generate a new token for the team workflow. Copy it immediately because the full token is only safe to show once.
Store the token in your password manager, CI secret store, or local secret manager. Use a name that explains the owner and purpose, such as agw-operator-support-reporting or agw-operator-release-runner.
Do not commit the token to a repository. If it appears in a log, screenshot, or shell history that other people can access, revoke it and create a new token before using the CLI again.
Connect the CLI to the Workspace
Configure the CLI with the Agentic Workers API origin and the organization token. For production, use the Agentic Workers production origin unless your team is intentionally testing against a dev or staging environment.
If the CLI asks for a profile name, choose a clear team name instead of a personal nickname. This helps teammates understand which workspace a command will affect before they run it.
Keep separate profiles for production and test workspaces. Never reuse a production token for local experiments that create sample agents, schedules, or tool connections.
Verify Access Safely
Start with a read-only command such as listing agents, listing available tools, or checking the current organization. Confirm the output belongs to the expected Team workspace before running any write command.
Next, test one reversible action in a low-risk area. For example, create a temporary test agent, add a short test memory, or create a disabled draft schedule, then remove it after verification.
Open Agentic Workers after the test and inspect the related agent, schedule, or trace. The visible workspace should match the CLI profile and the action should be easy for another teammate to audit.
Roll It Out to Teammates
Share the setup steps, not the raw token. Each teammate who needs command-line access should use an approved token path and understand which actions require human approval.
For production workflows, document the owner, runner, token storage location, expected commands, and rollback steps. Keep sensitive values out of the document and link to your internal secret manager instead.
Review CLI access when teammates change roles, when a runner is replaced, or when a workflow starts touching customer data, external messages, billing, or connected provider accounts.
Troubleshooting
If the CLI returns unauthorized, confirm the token was copied completely, the configured API origin is correct, and the token has not been revoked. Generate a fresh token if there is any doubt.
If commands show the wrong organization, switch profiles or regenerate the token from the intended Team workspace. Do not continue until read-only commands point to the right workspace.
If a command cannot use a connected app, reconnect that integration inside the Team workspace and verify the agent has the required tool enabled before retrying from the CLI.
If a teammate is blocked, ask them to capture the command name, profile name, error text, and timestamp. Do not ask them to send the token itself.
Was this helpful?
Your feedback helps us rank and improve Help Center articles.
Related Articles
Connect Claude and Other MCP Clients to Your Super Agent
Connect Claude Desktop, Claude Code, or another app that supports Model Context Protocol (MCP).
Read ArticleConnect Apps and Tools to Your Agents
Connect apps to an agent and test the right tools before production work.
Read ArticleCreate Your Team Workspace
Create a shared Team workspace, invite teammates, and set up agents, tools, and billing.
Read ArticleInvite and Manage Team Members
Invite teammates, set owner access, and fix common member issues.
Read ArticleDeploy an Always-On Hosted Super Agent
Keep a tested Super Agent online for shared team work, tools, and owners.
Read ArticleRead an Agent Trace
Use traces, the step-by-step run logs, to find tool calls, failures, and ways to improve an agent.
Read ArticleManage Credits and Plan Limits
Understand how credits, usage, and plan limits affect agent runs.
Read Article