@putdotio/cli 1.0.12 → 1.2.0

package/dist/{metadata-Bf6lftdl.mjs → metadata-DHsl0QOK.mjs}

@@ -1,19 +1,19 @@
-import { Clock, Config, Console, Context, Data, Duration, Effect, Fiber, Layer, Option, Schema } from "effect";
+import { Cause, Clock, Config, Console, Context, Data, Duration, Effect, Fiber, Layer, Option, Queue, Schema } from "effect";
 import i18next from "i18next";
-import { Command, Options } from "@effect/cli";
-import * as Terminal from "@effect/platform/Terminal";
-import { DEFAULT_PUTIO_API_BASE_URL, DEFAULT_PUTIO_WEB_APP_URL, DownloadLinksCreateInputSchema, TransferAddInputSchema, createPutioSdkEffectClient, makePutioSdkLayer } from "@putdotio/sdk";
+import { Argument, Command, Flag } from "effect/unstable/cli";
+import * as Terminal from "effect/Terminal";
+import { DEFAULT_PUTIO_API_BASE_URL, DEFAULT_PUTIO_WEB_APP_URL, DownloadLinksCreateInputSchema, TransferAddInputSchema, createPutioSdkEffectClient, makePutioSdkLiveLayer } from "@putdotio/sdk";
 import { spawn } from "node:child_process";
 import { homedir, hostname } from "node:os";
 import { dirname, join } from "node:path";
+import * as SchemaAST from "effect/SchemaAST";
 import { LocalizedError, createLocalizeError } from "@putdotio/sdk/utilities";
 import Table from "cli-table3";
-import { FetchHttpClient } from "@effect/platform";
-import * as FileSystem from "@effect/platform/FileSystem";
-import { SystemError } from "@effect/platform/Error";
+import * as FileSystem from "effect/FileSystem";
+import { PlatformError, SystemError } from "effect/PlatformError";
 //#region package.json
 var name = "@putdotio/cli";
-var version = "1.0.12";
+var version = "1.2.0";
 //#endregion
 //#region src/i18n/translate.ts
 const resources = { en: { translation: {
@@ -59,13 +59,24 @@ const resources = { en: { translation: {
 				title: "┌( ಠ‿ಠ)┘ welcome!",
 				waiting: "Waiting for authorization..."
 			},
-			logout: { cleared: "cleared persisted auth state at {{configPath}}" },
+			logout: {
+				cleared: "cleared persisted auth state at {{configPath}}",
+				notFound: "no persisted auth state was configured at {{configPath}}"
+			},
 			preview: { browserOpened: "opened automatically in your browser" },
+			profiles: {
+				empty: "no auth profiles configured",
+				notFound: "auth profile {{profile}} was not configured",
+				removed: "removed auth profile {{profile}}",
+				used: "using auth profile {{profile}}"
+			},
 			status: {
 				apiBaseUrl: "api base url: {{value}}",
 				authenticatedNo: "authenticated: no",
 				authenticatedYes: "authenticated: yes",
 				configPath: "config path: {{value}}",
+				defaultProfile: "default profile: {{value}}",
+				profile: "profile: {{value}}",
 				source: "source: {{value}}",
 				unknown: "unknown"
 			},
@@ -73,6 +84,7 @@ const resources = { en: { translation: {
 				apiBaseUrl: "api base url   {{value}}",
 				browserOpened: "browser opened {{value}}",
 				configPath: "config path    {{value}}",
+				profile: "profile        {{value}}",
 				savedToken: "authenticated and saved token"
 			}
 		},
@@ -229,6 +241,9 @@ const resources = { en: { translation: {
 			authLogin: "Authorize the CLI through the put.io device-link flow and persist the resulting token.",
 			authLogout: "Remove the persisted CLI auth state.",
 			authPreview: "Render the auth screen locally without requesting a real device code.",
+			authProfilesList: "List configured auth profiles without exposing token material.",
+			authProfilesRemove: "Remove a persisted auth profile.",
+			authProfilesUse: "Set the default persisted auth profile.",
 			authStatus: "Report the currently resolved auth state.",
 			brand: "Render the put.io CLI brand mark without making any API calls.",
 			describe: "Print machine-readable CLI metadata for agents and scripts.",
@@ -358,7 +373,15 @@ const createTranslator = (locale = "en") => {
 const translate = createTranslator();
 //#endregion
 //#region src/internal/agent-dx.ts
-const AgentDxCategoryNameSchema = Schema.Literal("machineReadableOutput", "rawPayloadInput", "schemaIntrospection", "contextWindowDiscipline", "inputHardening", "safetyRails", "agentKnowledgePackaging");
+const AgentDxCategoryNameSchema = Schema.Literals([
+	"machineReadableOutput",
+	"rawPayloadInput",
+	"schemaIntrospection",
+	"contextWindowDiscipline",
+	"inputHardening",
+	"safetyRails",
+	"agentKnowledgePackaging"
+]);
 const AgentDxDimensionSchema = Schema.Struct({
 	maxScore: Schema.Literal(3),
 	name: AgentDxCategoryNameSchema,
@@ -450,12 +473,13 @@ const PUTIO_CLI_APP_ID = "8993";
 const ENV_CLI_CLIENT_NAME = "PUTIO_CLI_CLIENT_NAME";
 const ENV_CLI_WEB_APP_URL = "PUTIO_CLI_WEB_APP_URL";
 const ENV_CLI_CONFIG_PATH = "PUTIO_CLI_CONFIG_PATH";
+const ENV_CLI_PROFILE = "PUTIO_CLI_PROFILE";
 const ENV_API_BASE_URL = "PUTIO_CLI_API_BASE_URL";
 const ENV_CLI_TOKEN = "PUTIO_CLI_TOKEN";
 const ENV_XDG_CONFIG_HOME = "XDG_CONFIG_HOME";
 //#endregion
 //#region src/internal/runtime.ts
-var CliRuntime = class extends Context.Tag("@putdotio/cli/CliRuntime")() {};
+var CliRuntime = class extends Context.Service()("@putdotio/cli/CliRuntime") {};
 const openExternalWithPlatform = (platform, url) => {
 	const command = platform === "darwin" ? {
 		file: "open",
@@ -506,6 +530,20 @@ const makeCliRuntime = (options = {}) => {
 		setExitCode: (code) => Effect.sync(() => {
 			process.exitCode = code;
 		}),
+		writeStdout: (message) => Effect.sync(() => {
+			if (options.writeStdout) {
+				options.writeStdout(message);
+				return;
+			}
+			process.stdout.write(message);
+		}),
+		writeStderr: (message) => Effect.sync(() => {
+			if (options.writeStderr) {
+				options.writeStderr(message);
+				return;
+			}
+			process.stderr.write(message);
+		}),
 		openExternal: (url) => Effect.sync(() => openExternalWithPlatform(platform, url)),
 		startSpinner: (message) => Effect.sync(() => {
 			let frameIndex = 0;
@@ -532,27 +570,28 @@ const makeCliRuntime = (options = {}) => {
 const CliRuntimeLive = Layer.sync(CliRuntime, () => makeCliRuntime());
 //#endregion
 //#region src/internal/config.ts
-const NonEmptyStringSchema$4 = Schema.String.pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected a non-empty string" }));
-const UrlStringSchema = NonEmptyStringSchema$4.pipe(Schema.filter((value) => {
+const NonEmptyStringSchema$3 = Schema.String.check(Schema.isNonEmpty());
+const UrlStringSchema = NonEmptyStringSchema$3.pipe(Schema.check(Schema.makeFilter((value) => {
 	try {
 		new URL(value);
-		return true;
+		return;
 	} catch {
-		return false;
+		return "Expected a valid absolute URL";
 	}
-}, { message: () => "Expected a valid absolute URL" }));
+})));
 const PutioCliAuthFlowConfigSchema = Schema.Struct({
-	appId: NonEmptyStringSchema$4,
-	clientName: NonEmptyStringSchema$4,
+	appId: NonEmptyStringSchema$3,
+	clientName: NonEmptyStringSchema$3,
 	webAppUrl: UrlStringSchema
 });
 const CliRuntimeConfigSchema = Schema.Struct({
 	apiBaseUrl: UrlStringSchema,
-	configPath: NonEmptyStringSchema$4,
-	token: Schema.optional(NonEmptyStringSchema$4)
+	configPath: NonEmptyStringSchema$3,
+	profile: Schema.optional(NonEmptyStringSchema$3),
+	token: Schema.optional(NonEmptyStringSchema$3)
 });
 var CliConfigError = class extends Data.TaggedError("CliConfigError") {};
-var CliConfig = class extends Context.Tag("@putdotio/cli/CliConfig")() {};
+var CliConfig = class extends Context.Service()("@putdotio/cli/CliConfig") {};
 const optionalTrimmedString = (name) => Config.option(Config.string(name)).pipe(Config.map((value) => Option.flatMap(value, (raw) => {
 	const trimmed = raw.trim();
 	return trimmed.length > 0 ? Option.some(trimmed) : Option.none();
@@ -579,6 +618,7 @@ const makeCliConfig = (runtime) => ({
 		const homePath = yield* runtime.getHomeDirectory;
 		const apiBaseUrl = yield* optionalTrimmedString(ENV_API_BASE_URL).pipe(Config.map((value) => Option.getOrElse(value, () => DEFAULT_PUTIO_API_BASE_URL)));
 		const token = yield* optionalTrimmedString(ENV_CLI_TOKEN);
+		const profile = yield* optionalTrimmedString(ENV_CLI_PROFILE);
 		const explicitConfigPath = yield* optionalTrimmedString(ENV_CLI_CONFIG_PATH);
 		const xdgConfigHome = yield* optionalTrimmedString(ENV_XDG_CONFIG_HOME);
 		return yield* Effect.try({
@@ -590,6 +630,7 @@ const makeCliConfig = (runtime) => ({
 					homePath,
 					joinPath: runtime.joinPath
 				}),
+				profile: Option.getOrUndefined(profile),
 				token: Option.getOrUndefined(token)
 			}),
 			catch: mapCliConfigError("Unable to resolve the CLI runtime configuration.")
@@ -620,24 +661,60 @@ const waitForDeviceToken = (options) => Effect.gen(function* () {
 	}
 });
 //#endregion
+//#region src/internal/auth-profile.ts
+const AUTH_PROFILE_NAME_PATTERN = /^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$/u;
+const AUTH_PROFILE_NAME_DESCRIPTION = "Profile names must start with a letter or number and may contain letters, numbers, dots, underscores, or hyphens.";
+const normalizeAuthProfileName = (value) => {
+	const trimmed = value.trim();
+	return AUTH_PROFILE_NAME_PATTERN.test(trimmed) ? trimmed : null;
+};
+//#endregion
 //#region src/internal/command-specs.ts
-const NonEmptyStringSchema$3 = Schema.String.pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected a non-empty string" }));
-const OutputModeSchema = Schema.Literal("json", "text", "ndjson");
-const InternalRendererSchema = Schema.Literal("json", "terminal", "ndjson");
-const CommandKindSchema = Schema.Literal("utility", "auth", "read", "write");
-const CommandOptionTypeSchema = Schema.Literal("string", "integer", "boolean", "enum");
-const JsonPrimitiveKindSchema = Schema.Literal("string", "integer", "boolean", "null");
+const NonEmptyStringSchema$2 = Schema.String.check(Schema.isNonEmpty());
+const OutputModeSchema = Schema.Literals([
+	"json",
+	"text",
+	"ndjson"
+]);
+const InternalRendererSchema = Schema.Literals([
+	"json",
+	"terminal",
+	"ndjson"
+]);
+const CommandKindSchema = Schema.Literals([
+	"utility",
+	"auth",
+	"read",
+	"write"
+]);
+const CommandOptionTypeSchema = Schema.Literals([
+	"string",
+	"integer",
+	"boolean",
+	"enum"
+]);
+const JsonPrimitiveKindSchema = Schema.Literals([
+	"string",
+	"integer",
+	"boolean",
+	"null"
+]);
 const JsonScalarSchema = Schema.Struct({ kind: JsonPrimitiveKindSchema });
-const JsonEnumValueSchema = Schema.Union(Schema.String, Schema.Number, Schema.Boolean, Schema.Null);
+const JsonEnumValueSchema = Schema.Union([
+	Schema.String,
+	Schema.Number,
+	Schema.Boolean,
+	Schema.Null
+]);
 const JsonPropertySchema = Schema.Struct({
-	name: NonEmptyStringSchema$3,
+	name: NonEmptyStringSchema$2,
 	required: Schema.Boolean,
 	schema: Schema.suspend(() => CommandJsonShapeSchema)
 });
 const JsonObjectSchema = Schema.Struct({
 	kind: Schema.Literal("object"),
 	properties: Schema.Array(JsonPropertySchema),
-	rules: Schema.optional(Schema.Array(NonEmptyStringSchema$3))
+	rules: Schema.optional(Schema.Array(NonEmptyStringSchema$2))
 });
 const JsonArraySchema = Schema.Struct({
 	kind: Schema.Literal("array"),
@@ -647,17 +724,34 @@ const JsonEnumSchema = Schema.Struct({
 	kind: Schema.Literal("enum"),
 	values: Schema.Array(JsonEnumValueSchema)
 });
-const CommandJsonShapeSchema = Schema.Union(JsonScalarSchema, JsonEnumSchema, JsonObjectSchema, JsonArraySchema);
+const CommandJsonShapeSchema = Schema.Union([
+	JsonScalarSchema,
+	JsonEnumSchema,
+	JsonObjectSchema,
+	JsonArraySchema
+]);
 const CommandOptionSchema = Schema.Struct({
-	choices: Schema.optional(Schema.Array(NonEmptyStringSchema$3)),
-	defaultValue: Schema.optional(Schema.Union(NonEmptyStringSchema$3, Schema.Number, Schema.Boolean)),
-	description: Schema.optional(NonEmptyStringSchema$3),
-	name: NonEmptyStringSchema$3,
+	choices: Schema.optional(Schema.Array(NonEmptyStringSchema$2)),
+	defaultValue: Schema.optional(Schema.Union([
+		NonEmptyStringSchema$2,
+		Schema.Number,
+		Schema.Boolean
+	])),
+	description: Schema.optional(NonEmptyStringSchema$2),
+	name: NonEmptyStringSchema$2,
 	repeated: Schema.Boolean,
 	required: Schema.Boolean,
 	type: CommandOptionTypeSchema
 });
+const CommandArgumentSchema = Schema.Struct({
+	choices: Schema.optional(Schema.Array(NonEmptyStringSchema$2)),
+	description: Schema.optional(NonEmptyStringSchema$2),
+	name: NonEmptyStringSchema$2,
+	required: Schema.Boolean,
+	type: CommandOptionTypeSchema
+});
 const CommandInputSchema = Schema.Struct({
+	arguments: Schema.optional(Schema.Array(CommandArgumentSchema)),
 	flags: Schema.Array(CommandOptionSchema),
 	json: Schema.optional(CommandJsonShapeSchema)
 });
@@ -671,10 +765,10 @@ const CommandAuthSchema = Schema.Struct({ required: Schema.Boolean });
 const CommandDescriptorSchema = Schema.Struct({
 	auth: CommandAuthSchema,
 	capabilities: CommandCapabilitiesSchema,
-	command: NonEmptyStringSchema$3,
+	command: NonEmptyStringSchema$2,
 	input: CommandInputSchema,
 	kind: CommandKindSchema,
-	purpose: NonEmptyStringSchema$3
+	purpose: NonEmptyStringSchema$2
 });
 const CliOutputContractSchema = Schema.Struct({
 	defaultInteractive: Schema.Literal("text"),
@@ -791,6 +885,12 @@ const stringFlag = (name, options = {}) => ({
 	required: options.required ?? false,
 	type: "string"
 });
+const stringArgument = (name, options = {}) => ({
+	description: options.description,
+	name,
+	required: options.required ?? true,
+	type: "string"
+});
 const repeatedStringFlag = (name, options = {}) => ({
 	description: options.description,
 	name,
@@ -808,31 +908,38 @@ const enumFlag = (name, choices, options = {}) => ({
 });
 const unwrapSchemaAst = (ast) => {
 	let current = ast;
-	while (current && (current._tag === "Refinement" || current._tag === "Transformation" || current._tag === "Suspend")) current = current._tag === "Suspend" ? current.type : current._tag === "Transformation" ? current.to : current.from;
+	while (current && current._tag === "Suspend") current = current.thunk();
 	return current;
 };
 const schemaAstToJsonShape = (ast) => {
 	const current = unwrapSchemaAst(ast);
 	switch (current?._tag) {
-		case "StringKeyword": return stringShape();
-		case "NumberKeyword": return integerShape();
-		case "BooleanKeyword": return booleanShape();
-		case "UndefinedKeyword":
-		case "VoidKeyword":
-		case "NullKeyword": return nullShape();
-		case "Literal": return enumShape([current.literal ?? null]);
-		case "TupleType": {
-			const item = current.rest?.[0]?.type;
+		case "String": return stringShape();
+		case "Number": return integerShape();
+		case "Boolean": return booleanShape();
+		case "Undefined":
+		case "Void":
+		case "Null": return nullShape();
+		case "Literal": {
+			const literal = current.literal ?? null;
+			if (typeof literal === "bigint") throw new Error("BigInt literals are not supported in CLI json metadata.");
+			return enumShape([literal]);
+		}
+		case "Arrays": {
+			const item = current.rest[0] ?? current.elements[0];
 			if (!item) throw new Error("Unable to derive an array item schema from an empty tuple AST.");
 			return arrayShape(schemaAstToJsonShape(item));
 		}
-		case "TypeLiteral": return objectShape((current.propertySignatures ?? []).map((propertySignature) => property(propertySignature.name, schemaAstToJsonShape(propertySignature.type), propertySignature.isOptional !== true)));
+		case "Objects": return objectShape(current.propertySignatures.map((propertySignature) => property(String(propertySignature.name), schemaAstToJsonShape(propertySignature.type), !SchemaAST.isOptional(propertySignature.type))));
 		case "Union": {
-			const definedTypes = (current.types ?? []).filter((type) => unwrapSchemaAst(type)?._tag !== "UndefinedKeyword");
+			const definedTypes = current.types.filter((type) => unwrapSchemaAst(type)?._tag !== "Undefined");
 			const enumValues = definedTypes.flatMap((type) => {
 				const unwrapped = unwrapSchemaAst(type);
-				if (unwrapped?._tag === "Literal") return [unwrapped.literal ?? null];
-				if (unwrapped?._tag === "NullKeyword" || unwrapped?._tag === "VoidKeyword") return [null];
+				if (unwrapped?._tag === "Literal") {
+					const literal = unwrapped.literal ?? null;
+					return typeof literal === "bigint" ? [] : [literal];
+				}
+				if (unwrapped?._tag === "Null" || unwrapped?._tag === "Void") return [null];
 				return [];
 			});
 			if (enumValues.length === definedTypes.length && enumValues.length > 0) return enumShape(enumValues);
@@ -1272,6 +1379,7 @@ const normalizeOutputMode = (output, isInteractiveTerminal = true) => {
 	if (output === "text") return "terminal";
 	return isInteractiveTerminal ? "terminal" : "json";
 };
+const normalizeRequestedOrResolvedOutputMode = (output, isInteractiveTerminal = true) => output === "terminal" ? "terminal" : normalizeOutputMode(output, isInteractiveTerminal);
 const detectOutputModeFromArgv = (argv, isInteractiveTerminal = true) => {
 	for (let index = 0; index < argv.length; index += 1) {
 		const argument = argv[index];
@@ -1399,56 +1507,100 @@ const formatCliError = (error) => {
 const formatCliErrorJson = (error) => {
 	return renderJson(toCliErrorJson(isLocalizedError(error) ? error : localizeCliError(error)));
 };
-var CliOutput = class extends Context.Tag("@putdotio/cli/CliOutput")() {};
+var CliOutput = class extends Context.Service()("@putdotio/cli/CliOutput") {};
 const makeCliOutput = (runtime) => ({
-	formatError: (error, output) => isStructuredOutputMode(normalizeOutputMode(output, runtime.isInteractiveTerminal)) ? formatCliErrorJson(error) : formatCliError(error),
+	formatError: (error, output) => isStructuredOutputMode(normalizeRequestedOrResolvedOutputMode(output, runtime.isInteractiveTerminal)) ? formatCliErrorJson(error) : formatCliError(error),
 	error: (message) => Console.error(sanitizeTerminalText(message)),
-	write: (value, output, renderTerminalValue) => Console.log((() => {
-		switch (normalizeOutputMode(output, runtime.isInteractiveTerminal)) {
-			case "terminal": return renderTerminal(value, renderTerminalValue);
-			case "ndjson": return renderNdjson(value);
-			case "json": return renderJson(value);
-		}
-	})())
+	write: (value, output, renderTerminalValue) => {
+		const outputMode = normalizeOutputMode(output, runtime.isInteractiveTerminal);
+		const rendered = outputMode === "terminal" ? renderTerminal(value, renderTerminalValue) : outputMode === "ndjson" ? renderNdjson(value) : renderJson(value);
+		return runtime.writeStdout(`${rendered}\n`);
+	}
 });
 const CliOutputLive = Layer.effect(CliOutput, Effect.map(CliRuntime, makeCliOutput));
 const writeOutput = (value, output, renderTerminalValue) => Effect.flatMap(CliOutput, (cliOutput) => cliOutput.write(value, output, renderTerminalValue));
 //#endregion
 //#region src/internal/sdk.ts
 const sdk = createPutioSdkEffectClient();
-var CliSdk = class extends Context.Tag("@putdotio/cli/CliSdk")() {};
+var CliSdk = class extends Context.Service()("@putdotio/cli/CliSdk") {};
 const makeCliSdk = () => ({
 	client: sdk,
-	provide: (config, program) => program.pipe(Effect.provide(makePutioSdkLayer({
+	provide: (config, program) => program.pipe(Effect.provide(makePutioSdkLiveLayer({
 		accessToken: config.token,
 		baseUrl: config.apiBaseUrl
 	})))
 });
-const CliSdkLive = Layer.mergeAll(FetchHttpClient.layer, Layer.succeed(CliSdk, makeCliSdk()));
+const CliSdkLive = Layer.succeed(CliSdk, makeCliSdk());
 const provideSdk = (config, program) => Effect.flatMap(CliSdk, (cliSdk) => cliSdk.provide(config, program));
 //#endregion
 //#region src/internal/state.ts
-const NonEmptyStringSchema$2 = Schema.String.pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected a non-empty string" }));
+const NonEmptyStringSchema$1 = Schema.String.check(Schema.isNonEmpty());
+const PutioCliProfileConfigSchema = Schema.Struct({
+	api_base_url: Schema.optional(NonEmptyStringSchema$1),
+	auth_token: Schema.optional(NonEmptyStringSchema$1)
+});
 const PutioCliConfigSchema = Schema.Struct({
-	api_base_url: NonEmptyStringSchema$2,
-	auth_token: Schema.optional(NonEmptyStringSchema$2)
+	api_base_url: NonEmptyStringSchema$1,
+	auth_token: Schema.optional(NonEmptyStringSchema$1),
+	default_profile: Schema.optional(NonEmptyStringSchema$1),
+	profiles: Schema.optional(Schema.Record(Schema.String, PutioCliProfileConfigSchema))
 });
 const ResolvedAuthStateSchema = Schema.Struct({
-	apiBaseUrl: NonEmptyStringSchema$2,
-	configPath: NonEmptyStringSchema$2,
-	source: Schema.Literal("env", "config"),
-	token: NonEmptyStringSchema$2
+	apiBaseUrl: NonEmptyStringSchema$1,
+	configPath: NonEmptyStringSchema$1,
+	profile: Schema.NullOr(NonEmptyStringSchema$1),
+	source: Schema.Literals([
+		"env",
+		"config",
+		"profile"
+	]),
+	token: NonEmptyStringSchema$1
 });
 const AuthStatusSchema = Schema.Struct({
-	apiBaseUrl: NonEmptyStringSchema$2,
+	apiBaseUrl: NonEmptyStringSchema$1,
+	authenticated: Schema.Boolean,
+	configPath: NonEmptyStringSchema$1,
+	defaultProfile: Schema.NullOr(NonEmptyStringSchema$1),
+	profile: Schema.NullOr(NonEmptyStringSchema$1),
+	source: Schema.NullOr(Schema.Literals([
+		"env",
+		"config",
+		"profile"
+	]))
+});
+const AuthProfileSummarySchema = Schema.Struct({
+	apiBaseUrl: NonEmptyStringSchema$1,
 	authenticated: Schema.Boolean,
-	configPath: NonEmptyStringSchema$2,
-	source: Schema.NullOr(Schema.Literal("env", "config"))
+	current: Schema.Boolean,
+	name: NonEmptyStringSchema$1
+});
+const AuthProfileListSchema = Schema.Struct({
+	configPath: NonEmptyStringSchema$1,
+	defaultProfile: Schema.NullOr(NonEmptyStringSchema$1),
+	profiles: Schema.Array(AuthProfileSummarySchema)
 });
 var AuthStateError = class extends Data.TaggedError("AuthStateError") {};
-var CliState = class extends Context.Tag("@putdotio/cli/CliState")() {};
+var CliState = class extends Context.Service()("@putdotio/cli/CliState") {};
 const decodePersistedConfig = Schema.decodeUnknownSync(PutioCliConfigSchema);
 const mapFileSystemError = (error, message) => error instanceof AuthStateError ? error : new AuthStateError({ message });
+const resolveAuthRuntimeConfig = () => resolveCliRuntimeConfig().pipe(Effect.mapError((error) => new AuthStateError({ message: error.message })));
+const profileErrorMessage = (profile) => `Invalid auth profile \`${profile}\`. Profile names must start with a letter or number and may contain letters, numbers, dots, underscores, or hyphens.`;
+const validateProfileName = (profile) => {
+	const normalized = normalizeAuthProfileName(profile);
+	if (normalized === null) throw new AuthStateError({ message: profileErrorMessage(profile) });
+	return normalized;
+};
+const validateOptionalProfileName = (profile) => profile === void 0 ? void 0 : validateProfileName(profile);
+const validateProfileNameEffect = (profile) => Effect.try({
+	try: () => validateProfileName(profile),
+	catch: (error) => error instanceof AuthStateError ? error : new AuthStateError({ message: profileErrorMessage(profile) })
+});
+const validateOptionalProfileNameEffect = (profile) => profile === void 0 ? Effect.succeed(void 0) : validateProfileNameEffect(profile);
+const validatePersistedConfig = (state) => {
+	validateOptionalProfileName(state.default_profile);
+	for (const name of Object.keys(state.profiles ?? {})) validateProfileName(name);
+	return state;
+};
 const parsePersistedConfig = (raw) => {
 	let value;
 	try {
@@ -1457,153 +1609,363 @@ const parsePersistedConfig = (raw) => {
 		throw new AuthStateError({ message: "Stored CLI config is not valid JSON." });
 	}
 	try {
-		return decodePersistedConfig(value);
-	} catch {
+		return validatePersistedConfig(decodePersistedConfig(value));
+	} catch (error) {
+		if (error instanceof AuthStateError) throw error;
 		throw new AuthStateError({ message: "Stored CLI config does not match the expected schema." });
 	}
 };
+const profileConfigApiBaseUrl = (state, profile) => profile.api_base_url ?? state.api_base_url;
+const selectProfileNameEffect = (input) => Effect.gen(function* () {
+	const explicitProfile = yield* validateOptionalProfileNameEffect(input.explicitProfile);
+	if (explicitProfile !== void 0) return explicitProfile;
+	const runtimeProfile = yield* validateOptionalProfileNameEffect(input.runtimeProfile);
+	if (runtimeProfile !== void 0) return runtimeProfile;
+	return yield* validateOptionalProfileNameEffect(input.state?.default_profile);
+});
+const shouldRemoveConfigFile = (state) => state.api_base_url === DEFAULT_PUTIO_API_BASE_URL && state.auth_token === void 0 && state.default_profile === void 0 && Object.keys(state.profiles ?? {}).length === 0;
+const persistConfigEffect = (effectiveConfigPath, state, message) => Effect.gen(function* () {
+	const fs = yield* FileSystem.FileSystem;
+	const runtime = yield* CliRuntime;
+	if (shouldRemoveConfigFile(state)) return yield* fs.remove(effectiveConfigPath, { force: true }).pipe(Effect.mapError((error) => mapFileSystemError(error, message)));
+	yield* fs.makeDirectory(runtime.dirname(effectiveConfigPath), { recursive: true }).pipe(Effect.mapError((error) => mapFileSystemError(error, message)));
+	yield* fs.writeFileString(effectiveConfigPath, `${JSON.stringify(state, null, 2)}\n`).pipe(Effect.mapError((error) => mapFileSystemError(error, message)));
+	yield* fs.chmod(effectiveConfigPath, 384).pipe(Effect.mapError((error) => mapFileSystemError(error, message)));
+});
+const makeEmptyState = (apiBaseUrl = DEFAULT_PUTIO_API_BASE_URL) => ({ api_base_url: apiBaseUrl });
 const loadPersistedStateEffect = (configPath) => Effect.gen(function* () {
 	const fs = yield* FileSystem.FileSystem;
-	const effectiveConfigPath = configPath ?? (yield* resolveCliRuntimeConfig()).configPath;
-	const rawConfig = yield* fs.readFileString(effectiveConfigPath, "utf8").pipe(Effect.catchIf((error) => error instanceof SystemError && error.reason === "NotFound", () => Effect.succeed(null)), Effect.mapError((error) => mapFileSystemError(error, `Unable to read CLI config at ${effectiveConfigPath}.`)));
+	const effectiveConfigPath = configPath ?? (yield* resolveAuthRuntimeConfig()).configPath;
+	const rawConfig = yield* fs.readFileString(effectiveConfigPath, "utf8").pipe(Effect.catchIf((error) => error instanceof PlatformError && error.reason instanceof SystemError && error.reason._tag === "NotFound", () => Effect.succeed(null)), Effect.mapError((error) => mapFileSystemError(error, `Unable to read CLI config at ${effectiveConfigPath}.`)));
 	if (rawConfig === null) return null;
 	return yield* Effect.try({
 		try: () => parsePersistedConfig(rawConfig),
 		catch: (error) => mapFileSystemError(error, `Unable to read CLI config at ${effectiveConfigPath}.`)
 	});
 });
-const savePersistedStateEffect = (state, configPath) => Effect.gen(function* () {
-	const fs = yield* FileSystem.FileSystem;
-	const runtime = yield* CliRuntime;
-	const effectiveConfigPath = configPath ?? (yield* resolveCliRuntimeConfig()).configPath;
+const savePersistedStateEffect = (state, configPath, selection = {}) => Effect.gen(function* () {
+	const runtime = yield* resolveAuthRuntimeConfig();
+	const effectiveConfigPath = configPath ?? runtime.configPath;
 	const existingConfig = yield* loadPersistedStateEffect(effectiveConfigPath);
-	const persistedState = {
-		api_base_url: state.apiBaseUrl ?? existingConfig?.api_base_url ?? DEFAULT_PUTIO_API_BASE_URL,
+	const selectedProfile = yield* selectProfileNameEffect({
+		explicitProfile: selection.profile,
+		runtimeProfile: runtime.profile,
+		state: existingConfig
+	});
+	const persistedState = existingConfig ?? makeEmptyState(state.apiBaseUrl);
+	if (selectedProfile) {
+		const existingProfiles = persistedState.profiles ?? {};
+		const existingProfile = existingProfiles[selectedProfile];
+		const nextProfile = {
+			api_base_url: state.apiBaseUrl ?? existingProfile?.api_base_url ?? persistedState.api_base_url,
+			auth_token: state.token
+		};
+		const nextState = {
+			...persistedState,
+			profiles: {
+				...existingProfiles,
+				[selectedProfile]: nextProfile
+			}
+		};
+		yield* persistConfigEffect(effectiveConfigPath, nextState, `Unable to write CLI config to ${effectiveConfigPath}.`);
+		return {
+			configPath: effectiveConfigPath,
+			profile: selectedProfile,
+			state: nextState
+		};
+	}
+	const nextState = {
+		...persistedState,
+		api_base_url: state.apiBaseUrl ?? persistedState.api_base_url,
 		auth_token: state.token
 	};
-	yield* fs.makeDirectory(runtime.dirname(effectiveConfigPath), { recursive: true }).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to write CLI config to ${effectiveConfigPath}.`)));
-	yield* fs.writeFileString(effectiveConfigPath, `${JSON.stringify(persistedState, null, 2)}\n`).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to write CLI config to ${effectiveConfigPath}.`)));
-	yield* fs.chmod(effectiveConfigPath, 384).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to write CLI config to ${effectiveConfigPath}.`)));
+	yield* persistConfigEffect(effectiveConfigPath, nextState, `Unable to write CLI config to ${effectiveConfigPath}.`);
 	return {
 		configPath: effectiveConfigPath,
-		state: persistedState
+		profile: null,
+		state: nextState
 	};
 });
-const clearPersistedStateEffect = (configPath) => Effect.gen(function* () {
-	const fs = yield* FileSystem.FileSystem;
-	const runtime = yield* CliRuntime;
-	const effectiveConfigPath = configPath ?? (yield* resolveCliRuntimeConfig()).configPath;
+const clearPersistedStateEffect = (configPath, selection = {}) => Effect.gen(function* () {
+	const runtime = yield* resolveAuthRuntimeConfig();
+	const effectiveConfigPath = configPath ?? runtime.configPath;
 	const existingConfig = yield* loadPersistedStateEffect(effectiveConfigPath);
-	if (existingConfig && existingConfig.api_base_url !== DEFAULT_PUTIO_API_BASE_URL) {
-		const nextConfig = { api_base_url: existingConfig.api_base_url };
-		yield* fs.makeDirectory(runtime.dirname(effectiveConfigPath), { recursive: true }).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to clear CLI auth state at ${effectiveConfigPath}.`)));
-		yield* fs.writeFileString(effectiveConfigPath, `${JSON.stringify(nextConfig, null, 2)}\n`).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to clear CLI auth state at ${effectiveConfigPath}.`)));
-		yield* fs.chmod(effectiveConfigPath, 384).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to clear CLI auth state at ${effectiveConfigPath}.`)));
-	} else yield* fs.remove(effectiveConfigPath, { force: true }).pipe(Effect.mapError((error) => mapFileSystemError(error, `Unable to clear CLI auth state at ${effectiveConfigPath}.`)));
-	return { configPath: effectiveConfigPath };
-});
-const getAuthStatusEffect = () => Effect.gen(function* () {
-	const runtime = yield* resolveCliRuntimeConfig();
+	const selectedProfile = yield* selectProfileNameEffect({
+		explicitProfile: selection.profile,
+		runtimeProfile: runtime.profile,
+		state: existingConfig
+	});
+	if (existingConfig === null) return {
+		cleared: false,
+		configPath: effectiveConfigPath,
+		profile: selectedProfile ?? null
+	};
+	if (selectedProfile) {
+		const existingProfiles = existingConfig.profiles ?? {};
+		const existingProfile = existingProfiles[selectedProfile];
+		if (existingProfile === void 0) return {
+			cleared: false,
+			configPath: effectiveConfigPath,
+			profile: selectedProfile
+		};
+		const nextProfile = { api_base_url: existingProfile.api_base_url ?? existingConfig.api_base_url };
+		yield* persistConfigEffect(effectiveConfigPath, {
+			...existingConfig,
+			profiles: {
+				...existingProfiles,
+				[selectedProfile]: nextProfile
+			}
+		}, `Unable to clear CLI auth state at ${effectiveConfigPath}.`);
+		return {
+			cleared: typeof existingProfile.auth_token === "string",
+			configPath: effectiveConfigPath,
+			profile: selectedProfile
+		};
+	}
+	const hadLegacyToken = typeof existingConfig.auth_token === "string";
+	yield* persistConfigEffect(effectiveConfigPath, {
+		...existingConfig,
+		auth_token: void 0
+	}, `Unable to clear CLI auth state at ${effectiveConfigPath}.`);
+	return {
+		cleared: hadLegacyToken,
+		configPath: effectiveConfigPath,
+		profile: null
+	};
+});
+const listProfilesEffect = () => Effect.gen(function* () {
+	const runtime = yield* resolveAuthRuntimeConfig();
+	const state = yield* loadPersistedStateEffect(runtime.configPath);
+	const defaultProfile = state?.default_profile ?? null;
+	const currentProfile = yield* selectProfileNameEffect({
+		runtimeProfile: runtime.profile,
+		state
+	});
+	const profiles = Object.entries(state?.profiles ?? {}).map(([name, profile]) => ({
+		apiBaseUrl: profileConfigApiBaseUrl(state ?? makeEmptyState(), profile),
+		authenticated: typeof profile.auth_token === "string",
+		current: currentProfile === name,
+		name
+	})).sort((left, right) => left.name.localeCompare(right.name));
+	return {
+		configPath: runtime.configPath,
+		defaultProfile,
+		profiles
+	};
+});
+const getAuthStatusEffect = (selection = {}) => Effect.gen(function* () {
+	const runtime = yield* resolveAuthRuntimeConfig();
 	if (runtime.token) return {
 		authenticated: true,
 		source: "env",
 		apiBaseUrl: runtime.apiBaseUrl,
-		configPath: runtime.configPath
+		configPath: runtime.configPath,
+		defaultProfile: null,
+		profile: (yield* validateOptionalProfileNameEffect(selection.profile)) ?? (yield* validateOptionalProfileNameEffect(runtime.profile)) ?? null
 	};
 	const state = yield* loadPersistedStateEffect(runtime.configPath);
+	const selectedProfile = yield* selectProfileNameEffect({
+		explicitProfile: selection.profile,
+		runtimeProfile: runtime.profile,
+		state
+	});
+	if (selectedProfile) {
+		if (state === null) return {
+			authenticated: false,
+			source: null,
+			apiBaseUrl: runtime.apiBaseUrl,
+			configPath: runtime.configPath,
+			defaultProfile: null,
+			profile: selectedProfile
+		};
+		const profile = state?.profiles?.[selectedProfile];
+		return profile === void 0 || typeof profile.auth_token !== "string" ? {
+			authenticated: false,
+			source: null,
+			apiBaseUrl: runtime.apiBaseUrl,
+			configPath: runtime.configPath,
+			defaultProfile: state?.default_profile ?? null,
+			profile: selectedProfile
+		} : {
+			authenticated: true,
+			source: "profile",
+			apiBaseUrl: profileConfigApiBaseUrl(state, profile),
+			configPath: runtime.configPath,
+			defaultProfile: state.default_profile ?? null,
+			profile: selectedProfile
+		};
+	}
 	return state === null ? {
 		authenticated: false,
 		source: null,
 		apiBaseUrl: runtime.apiBaseUrl,
-		configPath: runtime.configPath
+		configPath: runtime.configPath,
+		defaultProfile: null,
+		profile: null
 	} : {
-		authenticated: typeof state.auth_token === "string" ? true : false,
+		authenticated: typeof state.auth_token === "string",
 		source: typeof state.auth_token === "string" ? "config" : null,
 		apiBaseUrl: state.api_base_url,
-		configPath: runtime.configPath
+		configPath: runtime.configPath,
+		defaultProfile: state.default_profile ?? null,
+		profile: null
+	};
+});
+const removeProfileEffect = (profile) => Effect.gen(function* () {
+	const profileName = yield* validateProfileNameEffect(profile);
+	const runtime = yield* resolveAuthRuntimeConfig();
+	const state = yield* loadPersistedStateEffect(runtime.configPath);
+	if (state === null || state.profiles?.[profileName] === void 0) return {
+		configPath: runtime.configPath,
+		profile: profileName,
+		removed: false
+	};
+	const { [profileName]: _removed, ...remainingProfiles } = state.profiles;
+	const nextState = {
+		...state,
+		default_profile: state.default_profile === profileName ? void 0 : state.default_profile,
+		profiles: Object.keys(remainingProfiles).length > 0 ? remainingProfiles : void 0
+	};
+	yield* persistConfigEffect(runtime.configPath, nextState, `Unable to remove auth profile \`${profileName}\` at ${runtime.configPath}.`);
+	return {
+		configPath: runtime.configPath,
+		profile: profileName,
+		removed: true
 	};
 });
-const resolveAuthStateEffect = () => Effect.gen(function* () {
-	const runtime = yield* resolveCliRuntimeConfig();
+const resolveAuthStateEffect = (selection = {}) => Effect.gen(function* () {
+	const runtime = yield* resolveAuthRuntimeConfig();
+	const explicitOrEnvProfile = (yield* validateOptionalProfileNameEffect(selection.profile)) ?? (yield* validateOptionalProfileNameEffect(runtime.profile)) ?? null;
 	if (runtime.token) return {
 		token: runtime.token,
 		apiBaseUrl: runtime.apiBaseUrl,
 		source: "env",
-		configPath: runtime.configPath
+		configPath: runtime.configPath,
+		profile: explicitOrEnvProfile
 	};
 	const state = yield* loadPersistedStateEffect(runtime.configPath);
+	const selectedProfile = yield* selectProfileNameEffect({
+		explicitProfile: selection.profile,
+		runtimeProfile: runtime.profile,
+		state
+	});
+	if (selectedProfile) {
+		if (state === null) return yield* Effect.fail(new AuthStateError({ message: `No put.io token is configured for profile \`${selectedProfile}\`. Set PUTIO_CLI_TOKEN or run \`putio auth login --profile ${selectedProfile}\`.` }));
+		const profile = state?.profiles?.[selectedProfile];
+		if (profile === void 0 || typeof profile.auth_token !== "string") return yield* Effect.fail(new AuthStateError({ message: `No put.io token is configured for profile \`${selectedProfile}\`. Set PUTIO_CLI_TOKEN or run \`putio auth login --profile ${selectedProfile}\`.` }));
+		return {
+			token: profile.auth_token,
+			apiBaseUrl: profileConfigApiBaseUrl(state, profile),
+			source: "profile",
+			configPath: runtime.configPath,
+			profile: selectedProfile
+		};
+	}
 	if (state === null || typeof state.auth_token !== "string") return yield* Effect.fail(new AuthStateError({ message: "No put.io token is configured. Set PUTIO_CLI_TOKEN or run `putio auth login`." }));
 	return {
 		token: state.auth_token,
 		apiBaseUrl: state.api_base_url,
 		source: "config",
-		configPath: runtime.configPath
+		configPath: runtime.configPath,
+		profile: null
+	};
+});
+const useProfileEffect = (profile) => Effect.gen(function* () {
+	const profileName = yield* validateProfileNameEffect(profile);
+	const runtime = yield* resolveAuthRuntimeConfig();
+	const state = yield* loadPersistedStateEffect(runtime.configPath);
+	if (state?.profiles?.[profileName] === void 0) return yield* Effect.fail(new AuthStateError({ message: `Auth profile \`${profileName}\` does not exist. Run \`putio auth login --profile ${profileName}\` first.` }));
+	const nextState = {
+		...state,
+		default_profile: profileName
+	};
+	yield* persistConfigEffect(runtime.configPath, nextState, `Unable to set the default auth profile at ${runtime.configPath}.`);
+	return {
+		configPath: runtime.configPath,
+		profile: profileName
 	};
 });
 const makeCliState = () => ({
 	clearPersistedState: clearPersistedStateEffect,
 	getAuthStatus: getAuthStatusEffect,
+	listProfiles: listProfilesEffect,
 	loadPersistedState: loadPersistedStateEffect,
+	removeProfile: removeProfileEffect,
 	resolveAuthState: resolveAuthStateEffect,
-	savePersistedState: savePersistedStateEffect
+	savePersistedState: savePersistedStateEffect,
+	useProfile: useProfileEffect
 });
 const CliStateLive = Layer.sync(CliState, makeCliState);
 const loadPersistedState = (configPath) => Effect.flatMap(CliState, (state) => state.loadPersistedState(configPath));
-const savePersistedState = (state, configPath) => Effect.flatMap(CliState, (cliState) => cliState.savePersistedState(state, configPath));
-const clearPersistedState = (configPath) => Effect.flatMap(CliState, (state) => state.clearPersistedState(configPath));
-const getAuthStatus = () => Effect.flatMap(CliState, (state) => state.getAuthStatus());
-const resolveAuthState = () => Effect.flatMap(CliState, (state) => state.resolveAuthState());
+const savePersistedState = (state, configPath, selection) => Effect.flatMap(CliState, (cliState) => cliState.savePersistedState(state, configPath, selection));
+const clearPersistedState = (configPath, selection) => Effect.flatMap(CliState, (state) => state.clearPersistedState(configPath, selection));
+const getAuthStatus = (selection) => Effect.flatMap(CliState, (state) => state.getAuthStatus(selection));
+const listProfiles = () => Effect.flatMap(CliState, (state) => state.listProfiles());
+const removeProfile = (profile) => Effect.flatMap(CliState, (state) => state.removeProfile(profile));
+const resolveAuthState = (selection) => Effect.flatMap(CliState, (state) => state.resolveAuthState(selection));
+const useProfile = (profile) => Effect.flatMap(CliState, (state) => state.useProfile(profile));
 //#endregion
 //#region src/internal/command.ts
-const outputOption = Options.choice("output", [
+const outputOption = Flag.choice("output", [
 	"json",
 	"text",
 	"ndjson"
-]).pipe(Options.optional);
-const dryRunOption = Options.boolean("dry-run").pipe(Options.withDefault(false));
-const fieldsOption = Options.text("fields").pipe(Options.optional);
-const jsonOption = Options.text("json").pipe(Options.optional);
-const pageAllOption = Options.boolean("page-all").pipe(Options.withDefault(false));
+]).pipe(Flag.optional);
+const dryRunOption = Flag.boolean("dry-run").pipe(Flag.withDefault(false));
+const fieldsOption = Flag.string("fields").pipe(Flag.optional);
+const jsonOption = Flag.string("json").pipe(Flag.optional);
+const pageAllOption = Flag.boolean("page-all").pipe(Flag.withDefault(false));
 const defineBooleanOption = (name, options = {}) => {
-	const option = options.defaultValue === void 0 ? Options.boolean(name) : Options.boolean(name).pipe(Options.withDefault(options.defaultValue));
+	const option = options.defaultValue === void 0 ? Flag.boolean(name) : Flag.boolean(name).pipe(Flag.withDefault(options.defaultValue));
 	return {
 		flag: booleanFlag(name, options),
 		option
 	};
 };
-const defineIntegerOption = (name, options = {}) => {
-	const option = options.optional ? Options.integer(name).pipe(Options.optional) : Options.integer(name);
-	return {
-		flag: integerFlag(name, {
-			description: options.description,
-			required: options.required ?? options.optional !== true
-		}),
-		option
+function defineIntegerOption(name, options = {}) {
+	const flag = integerFlag(name, {
+		description: options.description,
+		required: options.required ?? options.optional !== true
+	});
+	return options.optional === true ? {
+		flag,
+		option: Flag.integer(name).pipe(Flag.optional)
+	} : {
+		flag,
+		option: Flag.integer(name)
 	};
-};
-const defineTextOption = (name, options = {}) => {
-	let option = Options.text(name);
-	if (options.defaultValue !== void 0) option = option.pipe(Options.withDefault(options.defaultValue));
-	else if (options.optional) option = option.pipe(Options.optional);
-	return {
-		flag: stringFlag(name, {
-			defaultValue: options.defaultValue,
-			description: options.description,
-			required: options.required ?? (options.defaultValue === void 0 && options.optional !== true)
-		}),
-		option
+}
+function defineTextOption(name, options = {}) {
+	const flag = stringFlag(name, {
+		defaultValue: options.defaultValue,
+		description: options.description,
+		required: options.required ?? (options.defaultValue === void 0 && options.optional !== true)
+	});
+	if (options.defaultValue !== void 0) return {
+		flag,
+		option: Flag.string(name).pipe(Flag.withDefault(options.defaultValue))
 	};
-};
-const defineChoiceOption = (name, choices, options = {}) => {
-	const option = options.optional ? Options.choice(name, choices).pipe(Options.optional) : Options.choice(name, choices);
-	return {
-		flag: enumFlag(name, choices, {
-			description: options.description,
-			required: options.required ?? options.optional !== true
-		}),
-		option
+	return options.optional === true ? {
+		flag,
+		option: Flag.string(name).pipe(Flag.optional)
+	} : {
+		flag,
+		option: Flag.string(name)
 	};
-};
+}
+function defineChoiceOption(name, choices, options = {}) {
+	const flag = enumFlag(name, choices, {
+		description: options.description,
+		required: options.required ?? options.optional !== true
+	});
+	return options.optional === true ? {
+		flag,
+		option: Flag.choice(name, choices).pipe(Flag.optional)
+	} : {
+		flag,
+		option: Flag.choice(name, choices)
+	};
+}
 const getOption = (option) => Option.getOrUndefined(option);
 var CliCommandInputError = class extends Data.TaggedError("CliCommandInputError") {};
 const PATH_TRAVERSAL_PATTERN = /(?:^|[\\/])\.\.(?:[\\/]|$)|%2e/iu;
@@ -1672,14 +2034,14 @@ const parseRepeatedIntegers = (values) => {
 	}
 	return Option.some(parsed);
 };
-const parseRepeatedIntegerOption = (name) => Options.text(name).pipe(Options.repeated, Options.filterMap(parseRepeatedIntegers, `Expected \`--${name}\` values to be integers.`));
+const parseRepeatedIntegerOption = (name) => Flag.string(name).pipe(Flag.atLeast(0), Flag.filterMap(parseRepeatedIntegers, () => `Expected \`--${name}\` values to be integers.`));
 const defineRepeatedIntegerOption = (name, options = {}) => ({
 	flag: repeatedIntegerFlag(name, options),
 	option: parseRepeatedIntegerOption(name)
 });
 const defineRepeatedTextOption = (name, options = {}) => ({
 	flag: repeatedStringFlag(name, options),
-	option: Options.text(name).pipe(Options.repeated)
+	option: Flag.string(name).pipe(Flag.atLeast(0))
 });
 const mapInputError = (error, fallbackMessage) => error instanceof CliCommandInputError ? error : new CliCommandInputError({ message: fallbackMessage });
 const decodeJsonOption = (schema, raw) => Effect.try({
@@ -1907,6 +2269,7 @@ const renderAuthLoginTerminal = (value) => [
 ].join("\n\n");
 const renderAuthLoginSuccessTerminal = (value) => [renderPutioSignature(), renderPanel([
 	ansi.bold(translate("cli.auth.success.savedToken")),
+	translate("cli.auth.success.profile", { value: value.profile ?? translate("cli.common.none") }),
 	translate("cli.auth.success.apiBaseUrl", { value: value.apiBaseUrl }),
 	translate("cli.auth.success.configPath", { value: value.configPath }),
 	translate("cli.auth.success.browserOpened", { value: value.browserOpened ? translate("cli.common.yes") : translate("cli.common.no") })
@@ -1919,42 +2282,78 @@ const renderAuthLoginSuccessTerminal = (value) => [renderPutioSignature(), rende
 const openConfig = defineBooleanOption("open", { defaultValue: false });
 const timeoutSecondsConfig$1 = defineIntegerOption("timeout-seconds", { optional: true });
 const previewCodeConfig = defineTextOption("code", { defaultValue: "PUTIO1" });
+const profileConfig = defineTextOption("profile", {
+	description: AUTH_PROFILE_NAME_DESCRIPTION,
+	optional: true
+});
 const openOption = openConfig.option;
 const timeoutSecondsOption$1 = timeoutSecondsConfig$1.option;
 const previewCodeOption = previewCodeConfig.option;
+const profileOption = profileConfig.option;
+const profileArgument = Argument.string("profile");
+const profileCommandArgument = stringArgument("profile", {
+	description: AUTH_PROFILE_NAME_DESCRIPTION,
+	required: true
+});
 const waitForOpenShortcut = (url) => Effect.gen(function* () {
 	const runtimeService = yield* CliRuntime;
 	if (!runtimeService.isInteractiveTerminal) return false;
-	const terminal = yield* Terminal.Terminal;
-	if (!(yield* terminal.isTTY)) return false;
-	const input = yield* terminal.readInput;
+	const input = yield* (yield* Terminal.Terminal).readInput;
 	while (true) {
-		const event = yield* input.take;
+		const event = yield* Queue.take(input);
 		const keyInput = Option.getOrElse(event.input, () => "").toLowerCase();
 		if (event.key.name === "o" || keyInput === "o") return yield* runtimeService.openExternal(url);
 	}
-}).pipe(Effect.catchTag("NoSuchElementException", () => Effect.succeed(false)));
+}).pipe(Effect.catchIf(Cause.isDone, () => Effect.succeed(false)));
+const resolveProfileInput = (profile) => Option.match(profile, {
+	onNone: () => void 0,
+	onSome: (value) => {
+		const normalized = normalizeAuthProfileName(value);
+		if (normalized === null) throw new CliCommandInputError({ message: `Invalid auth profile \`${value}\`. ${AUTH_PROFILE_NAME_DESCRIPTION}` });
+		return normalized;
+	}
+});
+const validateProfileArgument = (profile) => {
+	const normalized = normalizeAuthProfileName(profile);
+	if (normalized === null) throw new CliCommandInputError({ message: `Invalid auth profile \`${profile}\`. ${AUTH_PROFILE_NAME_DESCRIPTION}` });
+	return normalized;
+};
 const renderAuthStatus = (status) => status.authenticated ? [
 	translate("cli.auth.status.authenticatedYes"),
 	translate("cli.auth.status.source", { value: status.source ?? translate("cli.auth.status.unknown") }),
+	translate("cli.auth.status.profile", { value: status.profile ?? translate("cli.common.none") }),
+	translate("cli.auth.status.defaultProfile", { value: status.defaultProfile ?? translate("cli.common.none") }),
 	translate("cli.auth.status.apiBaseUrl", { value: status.apiBaseUrl }),
 	translate("cli.auth.status.configPath", { value: status.configPath })
 ].join("\n") : [
 	translate("cli.auth.status.authenticatedNo"),
+	translate("cli.auth.status.profile", { value: status.profile ?? translate("cli.common.none") }),
+	translate("cli.auth.status.defaultProfile", { value: status.defaultProfile ?? translate("cli.common.none") }),
 	translate("cli.auth.status.apiBaseUrl", { value: status.apiBaseUrl }),
 	translate("cli.auth.status.configPath", { value: status.configPath })
 ].join("\n");
-const authStatus = Command.make("status", { output: outputOption }, ({ output }) => Effect.gen(function* () {
-	yield* writeOutput(yield* getAuthStatus(), getOption(output), renderAuthStatus);
+const authStatus = Command.make("status", {
+	output: outputOption,
+	profile: profileOption
+}, ({ output, profile }) => Effect.gen(function* () {
+	yield* writeOutput(yield* getAuthStatus({ profile: yield* Effect.try({
+		try: () => resolveProfileInput(profile),
+		catch: (error) => error
+	}) }), getOption(output), renderAuthStatus);
 }));
 const authLogin = Command.make("login", {
 	open: openOption,
 	output: outputOption,
+	profile: profileOption,
 	timeoutSeconds: timeoutSecondsOption$1
-}, ({ open, output, timeoutSeconds }) => Effect.gen(function* () {
+}, ({ open, output, profile, timeoutSeconds }) => Effect.gen(function* () {
 	const runtimeService = yield* CliRuntime;
 	const outputMode = normalizeOutputMode(getOption(output), runtimeService.isInteractiveTerminal);
 	const apiBaseUrl = (yield* resolveCliRuntimeConfig()).apiBaseUrl;
+	const selectedProfile = yield* Effect.try({
+		try: () => resolveProfileInput(profile),
+		catch: (error) => error
+	});
 	const timeoutMs = Option.getOrElse(timeoutSeconds, () => 120) * 1e3;
 	const authFlow = yield* resolveCliAuthFlowConfig();
 	const { code } = yield* provideSdk({ apiBaseUrl }, sdk.auth.getCode({
@@ -1973,10 +2372,10 @@ const authLogin = Command.make("login", {
 		`code: ${code}`,
 		translate("cli.auth.login.waiting")
 	].join("\n");
-	yield* outputMode === "terminal" ? Console.log(instructionMessage) : Console.error(instructionMessage);
+	yield* outputMode === "terminal" ? Console.log(instructionMessage) : runtimeService.writeStderr(`${instructionMessage}\n`);
 	const openShortcutFiber = outputMode === "terminal" && !browserOpened ? yield* Effect.forkScoped(waitForOpenShortcut(linkUrl)) : void 0;
 	yield* Effect.addFinalizer(() => openShortcutFiber ? Fiber.interrupt(openShortcutFiber) : Effect.void);
-	const { configPath, state } = yield* savePersistedState({
+	const { configPath, profile: savedProfile, state } = yield* savePersistedState({
 		apiBaseUrl,
 		token: yield* withTerminalLoader({
 			message: translate("cli.auth.login.waiting"),
@@ -1986,21 +2385,29 @@ const authLogin = Command.make("login", {
 			timeoutMs,
 			checkCodeMatch: (authCode) => provideSdk({ apiBaseUrl }, sdk.auth.checkCodeMatch(authCode))
 		}))
-	});
+	}, void 0, { profile: selectedProfile });
 	yield* writeOutput({
-		apiBaseUrl: state.api_base_url,
+		apiBaseUrl: savedProfile ? state.profiles?.[savedProfile]?.api_base_url ?? state.api_base_url : state.api_base_url,
 		authenticated: true,
 		browserOpened,
 		configPath,
+		profile: savedProfile,
 		linkUrl
 	}, getOption(output), (value) => renderAuthLoginSuccessTerminal(value));
 }));
-const authLogout = Command.make("logout", { output: outputOption }, ({ output }) => Effect.gen(function* () {
-	const { configPath } = yield* clearPersistedState();
+const authLogout = Command.make("logout", {
+	output: outputOption,
+	profile: profileOption
+}, ({ output, profile }) => Effect.gen(function* () {
+	const { cleared, configPath, profile: clearedProfile } = yield* clearPersistedState(void 0, { profile: yield* Effect.try({
+		try: () => resolveProfileInput(profile),
+		catch: (error) => error
+	}) });
 	yield* writeOutput({
-		cleared: true,
-		configPath
-	}, getOption(output), (value) => translate("cli.auth.logout.cleared", { configPath: value.configPath }));
+		cleared,
+		configPath,
+		profile: clearedProfile
+	}, getOption(output), (value) => value.cleared ? translate("cli.auth.logout.cleared", { configPath: value.configPath }) : value.profile ? translate("cli.auth.profiles.notFound", { profile: value.profile }) : translate("cli.auth.logout.notFound", { configPath: value.configPath }));
 }));
 const authPreview = Command.make("preview", {
 	code: previewCodeOption,
@@ -2015,11 +2422,37 @@ const authPreview = Command.make("preview", {
 		linkUrl: buildDeviceLinkUrl(previewCode, authFlow.webAppUrl)
 	}, getOption(output), renderAuthLoginTerminal);
 }));
+const authProfilesList = Command.make("list", { output: outputOption }, ({ output }) => Effect.gen(function* () {
+	yield* writeOutput(yield* listProfiles(), getOption(output), (value) => value.profiles.length === 0 ? translate("cli.auth.profiles.empty") : value.profiles.map((profile) => [
+		profile.current ? "*" : "-",
+		profile.name,
+		profile.authenticated ? translate("cli.common.yes") : translate("cli.common.no"),
+		profile.apiBaseUrl
+	].join("	")).join("\n"));
+}));
+const authProfilesUse = Command.make("use", {
+	output: outputOption,
+	profile: profileArgument
+}, ({ output, profile }) => Effect.gen(function* () {
+	yield* writeOutput(yield* useProfile(validateProfileArgument(profile)), getOption(output), (value) => translate("cli.auth.profiles.used", { profile: value.profile }));
+}));
+const authProfilesRemove = Command.make("remove", {
+	output: outputOption,
+	profile: profileArgument
+}, ({ output, profile }) => Effect.gen(function* () {
+	yield* writeOutput(yield* removeProfile(validateProfileArgument(profile)), getOption(output), (value) => value.removed ? translate("cli.auth.profiles.removed", { profile: value.profile }) : translate("cli.auth.profiles.notFound", { profile: value.profile }));
+}));
+const authProfiles = Command.make("profiles", {}, () => Effect.void).pipe(Command.withSubcommands([
+	authProfilesList,
+	authProfilesUse,
+	authProfilesRemove
+]));
 const makeAuthCommand = () => Command.make("auth", {}, () => Console.log(translate("cli.root.chooseAuthSubcommand"))).pipe(Command.withSubcommands([
 	authStatus,
 	authLogin,
 	authLogout,
-	authPreview
+	authPreview,
+	authProfiles
 ]));
 const authCommandSpecs = [
 	{
@@ -2034,6 +2467,7 @@ const authCommandSpecs = [
 		input: { flags: [
 			openConfig.flag,
 			outputFlag(),
+			profileConfig.flag,
 			timeoutSecondsConfig$1.flag
 		] },
 		kind: "auth",
@@ -2048,7 +2482,7 @@ const authCommandSpecs = [
 			streaming: false
 		},
 		command: "auth status",
-		input: { flags: [outputFlag()] },
+		input: { flags: [outputFlag(), profileConfig.flag] },
 		kind: "auth",
 		purpose: translate("cli.metadata.authStatus")
 	},
@@ -2061,7 +2495,7 @@ const authCommandSpecs = [
 			streaming: false
 		},
 		command: "auth logout",
-		input: { flags: [outputFlag()] },
+		input: { flags: [outputFlag(), profileConfig.flag] },
 		kind: "auth",
 		purpose: translate("cli.metadata.authLogout")
 	},
@@ -2081,6 +2515,51 @@ const authCommandSpecs = [
 		] },
 		kind: "auth",
 		purpose: translate("cli.metadata.authPreview")
+	},
+	{
+		auth: { required: false },
+		capabilities: {
+			dryRun: false,
+			fieldSelection: false,
+			rawJsonInput: false,
+			streaming: false
+		},
+		command: "auth profiles list",
+		input: { flags: [outputFlag()] },
+		kind: "auth",
+		purpose: translate("cli.metadata.authProfilesList")
+	},
+	{
+		auth: { required: false },
+		capabilities: {
+			dryRun: false,
+			fieldSelection: false,
+			rawJsonInput: false,
+			streaming: false
+		},
+		command: "auth profiles use",
+		input: {
+			arguments: [profileCommandArgument],
+			flags: [outputFlag()]
+		},
+		kind: "auth",
+		purpose: translate("cli.metadata.authProfilesUse")
+	},
+	{
+		auth: { required: false },
+		capabilities: {
+			dryRun: false,
+			fieldSelection: false,
+			rawJsonInput: false,
+			streaming: false
+		},
+		command: "auth profiles remove",
+		input: {
+			arguments: [profileCommandArgument],
+			flags: [outputFlag()]
+		},
+		kind: "auth",
+		purpose: translate("cli.metadata.authProfilesRemove")
 	}
 ];
 //#endregion
@@ -2435,15 +2914,15 @@ const fileTypeOption = fileTypeConfig.option;
 const sortByOption = sortByConfig.option;
 const optionalFileIdOption = optionalFileIdConfig.option;
 const optionalFileNameOption = optionalFileNameConfig.option;
-const NonEmptyStringSchema$1 = Schema.String.pipe(Schema.filter((value) => value.trim().length > 0, { message: () => "Expected a non-empty string" }));
-const NonEmptyIdsSchema$1 = Schema.Array(Schema.Number).pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected at least one id" }));
+const NonBlankStringSchema = Schema.String.check(Schema.makeFilter((value) => value.trim().length > 0 ? void 0 : "Expected a non-empty string"));
+const NonEmptyIdsSchema$1 = Schema.Array(Schema.Number).check(Schema.isNonEmpty());
 const FilesMkdirInputSchema = Schema.Struct({
-	name: NonEmptyStringSchema$1,
+	name: NonBlankStringSchema,
 	parent_id: Schema.optional(Schema.Number)
 });
 const FilesRenameInputSchema = Schema.Struct({
 	file_id: Schema.Number,
-	name: NonEmptyStringSchema$1
+	name: NonBlankStringSchema
 });
 const FilesDeleteInputSchema = Schema.Struct({
 	ids: NonEmptyIdsSchema$1,
@@ -2886,8 +3365,8 @@ const WATCH_TERMINAL_STATUSES = [
 	"ERROR",
 	"SEEDING"
 ];
-const NonEmptyIdsSchema = Schema.Array(Schema.Number).pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected at least one id" }));
-const TransfersAddInputSchema = Schema.Array(TransferAddInputSchema).pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected at least one transfer input" }));
+const NonEmptyIdsSchema = Schema.Array(Schema.Number).check(Schema.isNonEmpty());
+const TransfersAddInputSchema = Schema.Array(TransferAddInputSchema).check(Schema.isNonEmpty());
 const TransfersCancelInputSchema = Schema.Struct({ ids: NonEmptyIdsSchema });
 const TransfersSingleIdInputSchema = Schema.Struct({ id: Schema.Number });
 const TransfersCleanInputSchema = Schema.Struct({ ids: Schema.optional(NonEmptyIdsSchema) });
@@ -3002,12 +3481,15 @@ const transfersRetry = Command.make("retry", {
 }));
 const transfersClean = Command.make("clean", {
 	dryRun: dryRunOption,
-	id: transferIdsOption.pipe(Options.optional),
+	id: transferIdsOption.pipe(Flag.optional),
 	json: jsonOption,
 	output: outputOption
 }, ({ dryRun, id, json, output }) => Effect.gen(function* () {
 	const input = yield* resolveMutationInput({
-		buildFromFlags: () => ({ ids: Option.getOrUndefined(id) }),
+		buildFromFlags: () => {
+			const ids = Option.getOrUndefined(id);
+			return ids === void 0 || ids.length === 0 ? {} : { ids };
+		},
 		json,
 		schema: TransfersCleanInputSchema
 	});
@@ -3385,7 +3867,15 @@ const commandCatalog = decodeCommandSpecs([
 ]);
 //#endregion
 //#region src/internal/metadata.ts
-const NonEmptyStringSchema = Schema.String.pipe(Schema.filter((value) => value.length > 0, { message: () => "Expected a non-empty string" }));
+const NonEmptyStringSchema = Schema.String.check(Schema.isNonEmpty());
+const ConfigStringFieldSchema = Schema.Struct({
+	required: Schema.Boolean,
+	type: Schema.Literal("string")
+});
+const PersistedProfileShapeSchema = Schema.Struct({
+	api_base_url: ConfigStringFieldSchema,
+	auth_token: ConfigStringFieldSchema
+});
 const CliMetadataSchema = Schema.Struct({
 	agentDx: AgentDxScorecardSchema,
 	auth: Schema.Struct({
@@ -3397,9 +3887,16 @@ const CliMetadataSchema = Schema.Struct({
 		loginWebAppUrlEnv: NonEmptyStringSchema,
 		persistedConfigEnv: NonEmptyStringSchema,
 		persistedConfigShape: Schema.Struct({
-			api_base_url: Schema.Literal("string"),
-			auth_token: Schema.Literal("string")
-		})
+			api_base_url: ConfigStringFieldSchema,
+			auth_token: ConfigStringFieldSchema,
+			default_profile: ConfigStringFieldSchema,
+			profiles: Schema.Struct({
+				required: Schema.Boolean,
+				type: Schema.Literal("record"),
+				values: PersistedProfileShapeSchema
+			})
+		}),
+		profileEnv: NonEmptyStringSchema
 	}),
 	binary: NonEmptyStringSchema,
 	commands: Schema.Array(CommandDescriptorSchema),
@@ -3436,9 +3933,34 @@ const describeCli = () => decodeCliMetadata({
 		loginWebAppUrlEnv: ENV_CLI_WEB_APP_URL,
 		persistedConfigEnv: ENV_CLI_CONFIG_PATH,
 		persistedConfigShape: {
-			api_base_url: "string",
-			auth_token: "string"
-		}
+			api_base_url: {
+				required: true,
+				type: "string"
+			},
+			auth_token: {
+				required: false,
+				type: "string"
+			},
+			default_profile: {
+				required: false,
+				type: "string"
+			},
+			profiles: {
+				required: false,
+				type: "record",
+				values: {
+					api_base_url: {
+						required: false,
+						type: "string"
+					},
+					auth_token: {
+						required: false,
+						type: "string"
+					}
+				}
+			}
+		},
+		profileEnv: ENV_CLI_PROFILE
 	},
 	binary: translate("cli.brand.binary"),
 	commands: commandCatalog,
@@ -3460,4 +3982,4 @@ const describeCli = () => decodeCliMetadata({
 	version
 });
 //#endregion
-export { translate as A, CliOutput as C, CliConfigLive as D, renderJson as E, CliRuntime as O, CliSdkLive as S, detectOutputModeFromArgv as T, clearPersistedState as _, searchCommand as a, resolveAuthState as b, brandCommand as c, AuthStateError as d, AuthStatusSchema as f, ResolvedAuthStateSchema as g, PutioCliConfigSchema as h, filesCommand as i, version as j, CliRuntimeLive as k, versionCommand as l, CliStateLive as m, whoamiCommand as n, eventsCommand as o, CliState as p, transfersCommand as r, downloadLinksCommand as s, describeCli as t, makeAuthCommand as u, getAuthStatus as v, CliOutputLive as w, savePersistedState as x, loadPersistedState as y };
+export { CliOutputLive as A, loadPersistedState as C, useProfile as D, savePersistedState as E, CliRuntime as F, CliRuntimeLive as I, translate as L, isStructuredOutputMode as M, renderJson as N, CliSdkLive as O, CliConfigLive as P, version as R, listProfiles as S, resolveAuthState as T, PutioCliConfigSchema as _, searchCommand as a, clearPersistedState as b, brandCommand as c, AuthProfileListSchema as d, AuthProfileSummarySchema as f, CliStateLive as g, CliState as h, filesCommand as i, detectOutputModeFromArgv as j, CliOutput as k, versionCommand as l, AuthStatusSchema as m, whoamiCommand as n, eventsCommand as o, AuthStateError as p, transfersCommand as r, downloadLinksCommand as s, describeCli as t, makeAuthCommand as u, PutioCliProfileConfigSchema as v, removeProfile as w, getAuthStatus as x, ResolvedAuthStateSchema as y };