Getting Started

Install the CLI, authenticate with your SystemLink server, and start managing resources in minutes.

Installation

1

Cross-platform — pipx

The recommended install method for most users. It keeps slcli isolated from your system Python and other Python tools. Requires pipx and Python 3.11+.

pipx install systemlink-cli

# Verify the command is on your PATH
slcli --help

Update

pipx upgrade systemlink-cli
2

macOS / Linux — Homebrew

Install using Homebrew.

# Add the NI developer tools tap
brew tap ni-kismet/homebrew-ni

# Install slcli
brew install slcli

Update

brew update && brew upgrade slcli
3

Windows — Scoop

Install using Scoop package manager.

# Add the NI developer tools bucket
scoop bucket add ni-kismet https://github.com/ni-kismet/scoop-ni

# Install slcli
scoop install slcli

Update

scoop update slcli
4

Standalone Binary (no package manager)

Download a pre-built binary from GitHub Releases and add it to your PATH. No Python or package manager required.

# macOS
curl -fsSL https://github.com/ni-kismet/systemlink-cli/releases/latest/download/slcli-macos.tar.gz | tar xz
sudo mv slcli/slcli /usr/local/bin/

# Linux
curl -fsSL https://github.com/ni-kismet/systemlink-cli/releases/latest/download/slcli-linux.tar.gz | tar xz
sudo mv slcli/slcli /usr/local/bin/

# Windows — download slcli.zip from the releases page,
# extract, and add the folder to your PATH
5

pip (PyPI)

Fallback for virtual environments, CI jobs, containers, or environments where you want slcli installed into an existing Python environment. Requires Python 3.11+.

pip install systemlink-cli

# Command name after install
slcli --help

Update

pip install --upgrade systemlink-cli
6

From Source (development)

For contributors and development. Requires Poetry.

git clone https://github.com/ni-kismet/systemlink-cli.git
cd systemlink-cli
pip install poetry
poetry install
poetry run slcli

Authentication

Before using any commands, authenticate with your SystemLink server.

Interactive Login

# First time setup — creates a 'default' profile
slcli login

# Create named profiles for different environments
slcli login --profile dev
slcli login --profile prod --url "https://prod-api.example.com"

Non-Interactive Login

# Provide all credentials via flags
slcli login --profile myprofile \
  --url "https://your-server.com" \
  --api-key "your-api-key" \
  --web-url "https://your-server-web.com"

Note: The CLI automatically converts HTTP URLs to HTTPS for security. SystemLink servers typically require HTTPS for API access.

Logout

# Remove current profile
slcli logout

# Remove a specific profile
slcli logout --profile dev

# Remove all profiles
slcli logout --all --force

Shell Completion

Enable tab completion to improve productivity.

# Auto-detect your shell and install
slcli completion --install

# Or specify shell explicitly
slcli completion --shell bash --install
slcli completion --shell zsh --install
slcli completion --shell fish --install
slcli completion --shell powershell --install

Restart your shell after installation, or source the completion file.

Multi-Profile Management

Manage multiple SystemLink environments (development, testing, production) using profiles.

# List all configured profiles
slcli config list

# Show current profile
slcli config current

# Add or update a profile
slcli config add --profile dev

# Switch active profile
slcli config use prod

# View current config (API keys masked)
slcli config view

# View with full API key visible
slcli config view --show-secrets

# Delete a profile
slcli config delete old-profile --force

slcli config view shows the stored profile values on disk. If environment overrides are active, it displays a warning directing you to slcli info for the effective resolved values.

Using Profiles with Commands

# Use a specific profile for a single command
slcli --profile prod workspace list
slcli -p dev template list

# Or set via environment variable
export SLCLI_PROFILE=prod
slcli workspace list

Configuration File

Profiles are stored in ~/.config/slcli/config.json with secure file permissions (600).

# Set custom config location
export SLCLI_CONFIG=/path/to/config.json

# Migrate from legacy keyring storage
slcli config migrate

Environment Variables

Environment variables take precedence over profile settings. Profile selection uses --profile first, then SLCLI_PROFILE, then the current profile in config. After that, API URL, API key, and Web URL are each resolved independently, so a stale environment variable can override just one field.

VariableDescription
SLCLI_PROFILEProfile to use (default: current profile)
SLCLI_CONFIGCustom config file path
SLCLI_API_URLPreferred API URL override
SLCLI_API_KEYPreferred API key override
SLCLI_WEB_URLPreferred web UI URL override
SYSTEMLINK_API_URLLegacy alias for SLCLI_API_URL
SYSTEMLINK_API_KEYLegacy alias for SLCLI_API_KEY
SYSTEMLINK_WEB_URLLegacy alias for SLCLI_WEB_URL

Use slcli info to see the effective source for each connection setting and any active overrides.

Readonly Mode

Enable readonly mode on a profile to disable all mutation operations — ideal for AI agents, monitoring dashboards, and shared demo environments.

# Enable readonly on a new profile
slcli login --profile aiagent --readonly

# Enable on existing profile
slcli login --profile aiagent \
  --url "https://your-server.com" \
  --api-key "your-api-key" \
  --readonly

When attempting a protected operation with a readonly profile, the CLI exits with code 4 (PERMISSION_DENIED) and displays a clear message:

✗ Cannot create: profile is in readonly mode
Readonly mode disables all mutation operations
(create, update, delete, edit, import, upload, publish, disable) for safety.

Readonly mode is ideal for:

  • AI agent safety — prevent accidental data modification
  • Read-only reports — generate analyses without changing data
  • Automated monitoring — query systems without mutation risk
  • Demo/training — allow exploration without modification

Platform Detection

The CLI supports both SystemLink Enterprise (SLE) and SystemLink Server (SLS) with automatic platform detection.

# View current platform and feature availability
slcli info

# JSON output for scripting
slcli info --format json

The info output includes API URL, API key, and Web URL source rows so you can tell whether the CLI is using a profile value, an environment variable, or a legacy fallback.

PlatformNotebook ExecutionCustom Fields/Templates/Workflows
SLE✓ Full support✓ Full support
SLS✓ Path-based API✗ Not available

AI Agent Skills

Bundled agent skills are available for supported assistants.

Install them into the current repository or your personal assistant folders:

# Project-scoped install for most agents
slcli skill install --client agents --scope project

# Personal install for both supported clients
slcli skill install --client all --scope personal

The bundled slcli skill includes guidance for:

  • CLI resource workflows — querying and managing SystemLink resource types across the platform
  • Hosted webapps — building Nimble Angular web applications using @ni/nimble-angular and @ni/systemlink-clients-ts
  • SystemLink notebooks — creating, parameterizing, and deploying notebooks with the correct papermill and SystemLink metadata

Tip: slcli webapp init also installs the project-scoped slcli skill into .agents/skills for the manual Angular starter path, including the hosted webapp guidance.

MCP Server (experimental)

Experimental: The MCP server is under active development. The tool interface will change between releases.

slcli includes a built-in Model Context Protocol server that lets AI assistants query SystemLink directly as structured tools.

# Register with VS Code Copilot Agent mode
slcli mcp install

# Register with Claude Desktop
slcli mcp install --target claude

# Register everywhere at once
slcli mcp install --target all

# Start the MCP server directly (used internally by AI clients)
slcli mcp serve

TLS / Certificate Trust

The CLI uses the operating system certificate store by default via the truststore library. Corporate or custom root CAs are automatically honored.

VariableEffect
SLCLI_DISABLE_OS_TRUST=1Skip system trust (fall back to certifi)
SLCLI_FORCE_OS_TRUST=1Fail fast if injection fails
SLCLI_DEBUG_OS_TRUST=1Print traceback on injection failure
SLCLI_SSL_VERIFY=falseDisable TLS verification (NOT recommended)
# Runtime certificate diagnostics
slcli _ca-info

Use this command when troubleshooting TLS failures or confirming that corporate roots are in use. It produces no network traffic and is safe to run any time.