CLI Client Setup

The Conjur CLI implements the Conjur REST API, providing an alternate interface for managing Conjur resources, including roles, privileges, policy, and secrets.

Start the CLI Client

You can start the CLI Client either as a docker container or as a Ruby gem.

Docker container

The following command starts a highly secure ephemeral container for the CLI based on the latest pulled DockerHub image.

$ docker run --rm -it --name conjur-client --link <conjur-container-name> cyberark/conjur-cli:5




If local, use the name of the Conjur appliance.

If you are running the CLI client on a separate machine the --link argument is not required.

To understand how to persist identity data so that subsequent sessions are quicker to start up, see the CLI readme.

Ruby Gem

If you have a Ruby environment, you may choose to install the Ruby gem. See the CLI readme.

Initialize the Client

Enter the following command at the bash prompt:

conjur init --url <conjur-appliance-hostname> --account <organizational-account>





The URL of the Conjur appliance in the following format https://<host-name>.


The organizational account assigned to this Conjur appliance during configuration.

Authenticate to the client

  1. Enter the following command at the bash prompt:

    conjur authn login <user-name>




    A valid Conjur username. You can use the built-in admin user.

  2. Enter the user password when prompted.

  3. For a list of valid commands, enter

    conjur --help

    or, see the CLI Client Reference.