Exchange an Automation Secret

Exchange an automation secret for an access token.

Best for Automation developer and Workspace manager Updated April 3, 2026

CLI In this interface

4 steps Steps

2 interfaces Available in

Use this path when

Use the CLI exchange command after loading an automation secret into the active profile.

What you'll finish here

Use the right credential in the right place.
Mint a short-lived access token safely.
Know when to repeat the exchange.

Where this happens

Label	Value	Notes
Command	./backlog.sh auth set-token blg_auto_xxx	Stores the automation secret.
Command	./backlog.sh auth exchange [--save]	Exchanges the secret for a short-lived access token.

Same Task, Other Interfaces

Use the version that matches where you are working now. The subject matter stays the same; the delivery changes by surface.

Exchange an Automation Secret Alternate path

API

Follow the REST API version of this task.

Exchange an Automation Secret Current path

CLI

Follow the CLI version of this task.

Keep this boundary clear

The long-lived automation secret is not the token you should keep reusing on normal resource endpoints.

Do the work

1. Store the automation secret with `./backlog.sh auth set-token blg_auto_xxx`.
2. Run `./backlog.sh auth exchange --save` if you want the CLI to persist the exchanged access token.
3. Read the returned access token metadata and expiry.
4. Run resource commands after the exchange so they use the short-lived access token instead of the long-lived secret.

Keep Going in Automation and Agents

Stay in the same interface and move to the next closest task in this topic when needed.

CLI Automation and Agents

List Automations

Review the current workspace automations before you create, update, or rotate one.

4 steps

CLI Automation and Agents

Create an Automation

Create the workspace automation boundary, issue the automation secret, and store that secret safely because it is only shown once.

4 steps

CLI Automation and Agents

Update an Automation

Change automation metadata, team boundaries, scopes, or suspension state without recreating the automation.

4 steps

CLI Automation and Agents

Rotate an Automation Secret

Issue a new automation secret when the old one should no longer be trusted, then replace it everywhere the old secret was used.

4 steps

CLI Automation and Agents

List Visible Agents

Review the current visible agent bindings before creating a new agent or editing an existing one.

4 steps

CLI Automation and Agents

Create a Visible Agent

Create a named visible agent under an existing installation so activity, assignees, and attribution can point to a meaningful product actor.

4 steps

CLI Automation and Agents

Update a Visible Agent

Change a visible agent name, team scope, role, or suspension state without recreating the binding.

4 steps

Nearby Guides

These guides stay close to the current workflow so you can keep moving without restarting discovery.

CLI Automation and Agents

Create an Automation

Create the workspace automation boundary, issue the automation secret, and store that secret safely because it is only shown once.

4 steps

CLI CLI Setup

Set the Active CLI Token

Switch the CLI into the right token mode before you run resource or admin commands.

4 steps