Dashlane CLI

Access your Dashlane vault from the command line. Read-only access to passwords, secure notes, secrets and OTP codes.

Installation

brew install dashlane/tap/dashlane-cli

Authentication

First sync to trigger authentication:

dcli sync

Steps:

1. Enter your Dashlane email
2. ⚠️ IMPORTANT: Open the URL shown in your browser (device registration)
3. Enter the code received by email
4. Enter your Master Password

Check current account:

dcli accounts whoami

Get a Password

# Search by URL or title (copies password to clipboard by default)
dcli p mywebsite
dcli password mywebsite

# Get specific field
dcli p mywebsite -f login      # Username/login
dcli p mywebsite -f email      # Email
dcli p mywebsite -f otp        # TOTP 2FA code
dcli p mywebsite -f password   # Password (default)

# Output formats
dcli p mywebsite -o clipboard  # Copy to clipboard (default)
dcli p mywebsite -o console    # Print to stdout
dcli p mywebsite -o json       # Full JSON output (all matches)

# Search by specific fields
dcli p url=example.com
dcli p title=MyBank
dcli p id=xxxxxx               # By vault ID
dcli p url=site1 title=site2   # Multiple filters (OR)

Get a Secure Note

dcli note [filters]
dcli n [filters]               # Shorthand

# Filter by title (default)
dcli n my-note
dcli n title=api-keys

# Output formats: text (default), json
dcli n my-note -o json

Get a Secret

Dashlane secrets are a dedicated content type for sensitive data.

dcli secret [filters]

# Filter by title (default)
dcli secret api_keys
dcli secret title=api_keys -o json

Other Commands

# Sync vault manually (auto-sync every hour by default)
dcli sync

# Lock the vault (requires master password to unlock)
dcli lock

# Logout completely
dcli logout

# Backup vault to current directory
dcli backup
dcli backup --directory /path/to/backup

Configuration

# Save master password in OS keychain (default: true)
dcli configure save-master-password true

# Disable auto-sync
dcli configure disable-auto-sync true

# Enable biometrics unlock (macOS only)
dcli configure user-presence --method biometrics

# Disable user presence check
dcli configure user-presence --method none

Persistence by Platform

macOS

Master password is stored in the Keychain by default. Survives reboots.

dcli configure save-master-password true

Linux (server/headless)

No native keychain. Options:

1. Environment variable (less secure, but simple):

   export DASHLANE_MASTER_PASSWORD="..."
   

2. Local encrypted file:

   save-master-password true

   stores in

   ~/.local/share/dcli/

3. External secret manager (Vault, AWS Secrets, etc.) to inject the variable

Docker / CI

Use the

DASHLANE_MASTER_PASSWORD

environment variable passed to the container.

docker run -e DASHLANE_MASTER_PASSWORD="..." myimage

SSO / Passwordless

Not supported by dcli yet — requires a classic master password.

Advanced: Inject Secrets

# Inject secrets into environment variables
dcli exec -- mycommand

# Inject into templated files
dcli inject < template.txt > output.txt

# Read secret by path
dcli read "dl://vault/secret-id"

Examples

Get OTP for 2FA

dcli p github -f otp
# Returns: 123456 (25s remaining)

SSH Keys from Vault

Store private key in a secure note, then:

dcli n SSH_KEY | ssh-add -

Scripting

# Get password for a script
PASSWORD=$(dcli p myservice -o console)

# Get JSON and parse with jq
dcli p myservice -o json | jq -r '.[0].password'

Troubleshooting

• Locked? Run

  dcli sync

  to unlock
• SSO users: Need Chrome installed + visual interface
• Password-less: Not supported yet
• Debug mode:

  dcli --debug <command>

Docs: https://cli.dashlane.com