DocsSlima MCP › Get SLIMA_API_TOKEN

Get SLIMA_API_TOKEN

Last updated June 4, 2026 · 4 min read

Local stdio Slima MCP needs an API token — two paths.

Slima Authorized Apps page: clients appear here after obtaining SLIMA_API_TOKEN

Path 1: CLI auth flow (recommended)

Run:

npx slima-mcp@0 auth

What happens:

  1. Terminal says "Opening browser…"
  2. Default browser opens Slima sign-in
  3. Sign in (or if already, see authorize page)
  4. Click "Authorize"
  5. Redirect to localhost, browser closes
  6. Token saved to ~/.slima/credentials.json (chmod 600)

Every slima-mcp client subsequently auto-reads this token.

Path 2: set the token manually

If the CLI auth flow can't open a browser (server / CI / headless box):

  1. On any machine with a browser, run npx slima-mcp@0 auth once
  2. Open the saved ~/.slima/credentials.json and copy the slima_… value
  3. On the headless machine, set that token directly — as an env var or in config:
# bash / zsh
export SLIMA_API_TOKEN="slima_..."

# or in config
echo '{"slima":{"command":"npx","args":["-y","slima-mcp@0"],"env":{"SLIMA_API_TOKEN":"slima_..."}}}'

Account → Authorized Apps is where you revoke a connection — it has no "create token" button; the token is minted by the auth sign-in above.

Differences

CLI auth Manual
Where stored ~/.slima/credentials.json (auto) env var / config (you)
Security chmod 600, automatic depends how you store
Best for Most people Automation / CI / multi-account

Can one token serve multiple clients?

Yes — same token across Claude Desktop + Cursor + Gemini works.

But one token per client is recommended — revoking one doesn't affect others.

See: Manage authorized apps

Related

Was this helpful?