ARQERA CLI
Control governance, agents, evidence, and compliance from your terminal. Built for developers who live in the command line.
Command Groups
Everything you can do from the terminal, organized by domain.
Authentication
Log in, check session status, and configure API keys for headless environments.
Ara Commands
Execute AI actions, review pending approvals, and approve or reject requests from the terminal.
Governance
Evaluate actions against your governance policies, list active policies, and inspect evaluation results.
Evidence
List evidence artifacts, export the full audit trail, and verify the cryptographic evidence chain.
Compliance
Check real-time compliance status and run framework-specific checks (SOC 2, GDPR, EU AI Act).
Integrations
List connected integrations, initiate new OAuth connections, and manage data flows.
Agents
List deployed agents, deploy new agent configurations, and monitor agent health.
Configuration
Manage local config files, environment variables, and per-project settings.
Installation
Install the ARQERA CLI globally via npm or pip
Node.js / npm
$ npm install -g @arqera/cliPython / pip
$ pip install arqera-cliVerify installation
$ arqera --versionRequires Node.js 18+ or Python 3.10+. The CLI auto-updates by default.
Authentication
Log in interactively or configure an API key for CI/CD
Interactive login
$ arqera auth loginOpens your browser for OAuth login. Stores a session token locally.
Check session
$ arqera auth statusDisplays the current user, tenant, and token expiry.
API key login
$ arqera config set api-key <your-api-key>Set an API key for headless environments (CI/CD, scripts, containers).
Log out
$ arqera auth logoutClears the local session token and removes cached credentials.
Ara Commands
Execute AI actions and manage the approval queue
Execute an action
$ arqera ara execute --action email.send \
--to [email protected] \
--subject "Monthly Report" \
--body "Please find the report attached."Runs an AI action through the governance engine. SOFT actions execute immediately. HARD actions create a pending approval.
List pending approvals
$ arqera ara pending
Shows all actions awaiting human approval, with ID, action type, requester, and timestamp.
Approve an action
$ arqera ara approve <id>
Approves a pending HARD-tier action. The action executes immediately after approval.
Reject an action
$ arqera ara reject <id> --reason "Not authorized"
Rejects a pending action. The optional --reason flag records the rejection rationale in the evidence chain.
View action history
$ arqera ara history --limit 20
Lists recently executed actions with their governance tier, outcome, and execution time.
Governance Commands
Evaluate actions against policies and inspect evaluation results
Evaluate an action
$ arqera governance evaluate \
--action data.export \
--tier SOFT \
--context '{"destination": "s3", "records": 50000}'Runs a governance evaluation without executing the action. Returns the tier classification, risk score, and policy matches.
List policies
$ arqera governance policies list
Shows all active governance policies with their tier, scope, and enforcement mode.
View policy details
$ arqera governance policies get <policy-id>
Displays the full policy definition including conditions, actions, and evaluation criteria.
Test a policy
$ arqera governance policies test <policy-id> \
--action file.delete \
--context '{"path": "/sensitive/data.csv"}'Dry-run a specific policy against a hypothetical action to verify it triggers correctly.
Evidence Commands
Query the immutable audit trail and verify evidence integrity
List evidence
$ arqera evidence list --since 2026-01-01 --limit 50
Lists evidence artifacts with timestamp, type, actor, and hash. Filter by date, type, or actor.
Export evidence
$ arqera evidence export --format json --output ./audit-report.json
Exports the full evidence chain as JSON, CSV, or PDF. Use for auditor handoff and compliance reporting.
Verify chain integrity
$ arqera evidence verify-chain
Verifies the cryptographic hash chain of all evidence artifacts. Returns a pass/fail result with any integrity violations.
View single artifact
$ arqera evidence get <artifact-id>
Displays the full evidence artifact including payload, hash, parent hash, and metadata.
Compliance Commands
Check compliance status and run framework-specific audits
Overall status
$ arqera compliance status
Displays compliance status across all configured frameworks with pass/fail counts and coverage percentages.
Run a framework check
$ arqera compliance check --framework soc2
Runs a full compliance check against a specific framework. Supported: soc2, gdpr, eu-ai-act, hipaa, iso27001.
List frameworks
$ arqera compliance frameworks
Lists all available compliance frameworks with their control count and your current coverage.
Export compliance report
$ arqera compliance export --framework gdpr --format pdf
Generates a compliance report for auditor handoff. Includes control status, evidence references, and remediation notes.
Integration Commands
Manage connected services and initiate new OAuth connections
List integrations
$ arqera integrations list
Shows all connected integrations with their status, last sync time, and connection health.
Connect a service
$ arqera integrations connect slack
Initiates an OAuth flow to connect a new integration. Opens your browser for authorization.
Disconnect a service
$ arqera integrations disconnect slack
Revokes the OAuth token and removes the integration. Existing data is preserved.
Test a connection
$ arqera integrations test slack
Verifies that the integration is healthy and can communicate with the remote service.
Agent Commands
Deploy, manage, and monitor AI agents
List agents
$ arqera agents list
Shows all deployed agents with their status, capabilities, and last active timestamp.
Deploy an agent
$ arqera agents deploy --config agent.yaml
Deploys a new agent from a YAML configuration file. The config defines capabilities, permissions, and governance rules.
View agent details
$ arqera agents get <agent-id>
Shows full agent configuration, recent activity, and performance metrics.
Stop an agent
$ arqera agents stop <agent-id>
Gracefully stops a running agent. Pending actions are completed before shutdown.
View agent logs
$ arqera agents logs <agent-id> --tail 100
Streams or displays recent agent logs. Use --follow for real-time streaming.
Configuration
Local config file and environment variables
Config file location
~/.arqera/config.yamlCreated automatically on first login. Stores session tokens, default tenant, output preferences, and API endpoint.
Example config
api_key: "ak_live_..." base_url: "https://app.arqera.io" tenant_id: "tenant_abc123" output: "table" color: true
Environment variables
| ARQERA_API_KEY | API key for authentication (overrides config file) |
| ARQERA_BASE_URL | API base URL (default: https://app.arqera.io) |
| ARQERA_TENANT_ID | Tenant ID for multi-tenant environments |
| ARQERA_OUTPUT | Default output format: json, table, or yaml |
Environment variables take precedence over config file values. This lets you override settings per-session or in CI/CD pipelines without modifying the config file.
Global Flags
Flags available on every command
| Flag | Description |
|---|---|
| --output json|table|yaml | Set output format for the current command |
| --verbose | Enable verbose logging for debugging |
| --dry-run | Preview the action without executing it |
| --tenant-id <id> | Override the tenant for multi-tenant setups |
| --no-color | Disable colored output (useful for piping) |
| --quiet | Suppress all output except errors |
Examples
$ arqera ara pending --output json $ arqera governance evaluate --action file.delete --dry-run $ arqera evidence list --output yaml --verbose $ arqera compliance check --framework soc2 --tenant-id tenant_xyz
Ready to use ARQERA from the terminal?
Install the CLI and run your first governance evaluation in under a minute.