Skip to content

eighteyes/cc-switch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
bin
bin
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
install.sh
install.sh
 
 

Repository files navigation

cc-switch

The missing profile switcher for claude code

Switch Claude Code OAuth tokens between accounts. Tokens are stored in the OS keyring (macOS Keychain / Linux libsecret) and validated against claude auth status before they land.

Why

CLAUDE_CODE_OAUTH_TOKEN is a single env var but most people have more than one account (work, home, client). This gives you one command to rotate it without plaintext files or re-running the OAuth flow.

Install

bash install.sh

Installs cc-switch to ~/.local/bin/ and prints the line to add to your shell rc file:

source /path/to/cc-switch/shell/cc-switch.sh

Reload your shell. Done.

Requirements

  • claude CLI in PATH (Claude Code subscription, for setup-token and auth status)
  • macOS: nothing extra (security is built-in)
  • Linux: secret-toolapt install libsecret-tools / dnf install libsecret / pacman -S libsecret
  • jq is used if present; falls back to sed otherwise

Usage

cc-switch add work         # runs `claude setup-token`, validates, stores
cc-switch add home         # (log out / switch browser account first)

cc-switch work             # switch active account (shorthand)
cc-switch use work         # explicit form
cc-switch current          # show active account
cc-switch unset            # clear CLAUDE_CODE_OAUTH_TOKEN

cc-switch list             # show stored accounts and their emails
cc-switch remove work      # delete an account
cc-switch backend          # print keyring backend in use

Non-interactive seed:

echo "$TOKEN" | cc-switch set work

How it works

  • Binary (bin/cc-switch) handles keyring I/O and an index file at $XDG_DATA_HOME/cc-switch/accounts (format: name<TAB>email). Token values live only in the keyring.
  • Shell function (shell/cc-switch.sh) wraps the binary so use can export into the current shell. A bare name like cc-switch work is rewritten to use work unless it collides with a reserved subcommand.
  • Validation: on add / set, the candidate token is probed via CLAUDE_CODE_OAUTH_TOKEN=<token> claude auth status --json. A token is accepted only when loggedIn == true and email is non-empty. The resulting email is stored in the index and used to reject duplicate-email adds under different names.

Notes

  • You must log in as a different account in the browser between cc-switch add runs, otherwise both tokens resolve to the same email and the second add is rejected.
  • claude auth status falls back to the Keychain session when CLAUDE_CODE_OAUTH_TOKEN is empty or unset — the binary guards against empty input so that fallback can't leak into validation.
  • Re-adding an existing account (e.g. after token rotation) is allowed; the index row is replaced in place.

Layout

cc-switch/
  bin/cc-switch            # CLI: add/set/get/list/remove/backend
  shell/cc-switch.sh       # shell wrapper: use/unset/current + bare-name dispatch
  install.sh               # symlink binary, print source line, verify backend

About

Missing Profile Switcher for Claude Code

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages