Zypheron
ZYPHERON
TutorialsJune 10, 20266 min read

Pair the CLI to the Desktop: One Login, Shared Findings

The CLI is where you move fast. The desktop is where you see the whole picture. Pairing connects them so a scan you fire from the terminal shows up in your desktop workspaces — with one login and a token that lives in your OS keyring, not a config file.

Plenty of teams run the free Zypheron CLI for day-to-day recon and scanning and the desktop app for investigation and reporting. Until you pair them, those are two islands. Pairing is the bridge: sign in once, approve the link, and the two halves share an account and your findings without you copying files around.

One login, shared session

Run zypheron login and you authenticate through your browser back to zypheron.net. The session is cached locally and shared with the desktop app if it is installed, so you are not logging in twice. zypheron status confirms your login and pairing state, and zypheron logout clears the local session.

Already logged into the desktop? The CLI picks up that session. One identity across both tools, no license-key juggling.

The pairing handshake

When the CLI needs scoped access to the desktop, it fires a zypheron://pair deep link. The desktop answers with an approval modal showing exactly what is asking: the agent name, CLI version, platform, and an expiry timer. You approve it deliberately — nothing is granted silently. On approval, a scoped access token is issued and stored in your operating system keyring, not in a plaintext dotfile. Refresh tokens rotate and are one-time-use, and verification is loopback-only, so the handshake stays on your machine.

Findings flow into workspaces

Your CLI scan results remain the source of truth on disk under ~/.zypheron. The desktop reads them and links them to a project using a lightweight scan_tags association — the two systems stay loosely coupled, so neither breaks if the other is closed. The payoff: a scan you launched from the terminal becomes a node in your Network Map, a row in your findings, and raw material for a report, without an export step.

Revoke in one click

Every paired CLI is listed under Settings → Connected CLIs in the desktop. Lost a laptop, rotated a workstation, or just done with a temporary box? Revoke its token there and the access is gone. Because the grant was scoped and the token rotates, revocation is clean rather than a password reset.

The CLI is free and open source — pairing it to the desktop is how a terminal-speed workflow gains a visual command center without giving up either one. Grab the CLI from GitHub, install the desktop, run zypheron login, and approve the link.

ShareLinkedInX
Email List

Get AD security drops in your inbox

Release notes, identity attack-path research, and early access. Low volume, real signal only. Unsubscribe anytime.

Recommended next read
GET THE FREE CLI
ZYPHERON

ZYPHERON Desktop is a cybersecurity IDE for offensive and defensive workflows. The open source CLI remains available for terminal-first users.

AUTHORIZED USE ONLY

Infrastructure

Network

© 2025 ZYPHERON SYSTEMS//DESKTOP + CLI