[signal-cli] / man / signal-cli.1.adoc

/////
vim:set ts=4 sw=4 tw=82 noet:
/////

:quotes.~:

= signal-cli (1)

== Name

signal-cli - A commandline interface for the Signal messenger

== Synopsis

*signal-cli* [--config CONFIG] [-h | -v | -a ACCOUNT | --dbus | --dbus-system] command [command-options]

== Description

signal-cli is a commandline interface for libsignal-service-java.
It supports registering, verifying, sending and receiving messages.
For registering you need a phone number where you can receive SMS or incoming calls.
signal-cli was primarily developed to be used on servers to notify admins of important events.
For this use-case, it has a dbus and a JSON-RPC interface, that can be used to send messages from other programs.

For some functionality the Signal protocol requires that all messages have been received from the server.
The `receive` command should be regularly executed.
In daemon mode messages are continuously received.

== Options

*-h*, *--help*::
Show help message and quit.

*--version*::
Print the version and quit.

*-v*, *--verbose*::
Raise log level and include lib signal logs.

*--log-file* LOG_FILE::
Write log output to the given file.
If `--verbose` is also given, the detailed logs will only be written to the log file.

*--scrub-log*::
Scrub possibly sensitive information from the log, like phone numbers and UUIDs.

*--config* CONFIG::
Set the path, where to store the config.
Make sure you have full read/write access to the given directory.
(Default: `$XDG_DATA_HOME/signal-cli` (`$HOME/.local/share/signal-cli`))

*-a* ACCOUNT, *--account* ACCOUNT::
Specify your phone number, that will be your identifier.
The phone number must include the country calling code, i.e. the number must start with a "+" sign.

This flag must not be given for the `link` command.
It is optional for the `daemon` command.
For all other commands it is only optional if there is exactly one local user in the config directory.

*--service-environment* ENVIRONMENT::
Choose the server environment to use:

- `live` (default)
- `staging`

*--dbus*::
Make request via user dbus.

*--dbus-system*::
Make request via system dbus.

*-o* OUTPUT-MODE, *--output* OUTPUT-MODE::
Specify if you want commands to output in either "plain-text" mode or in "json".
Defaults to "plain-text"

*--trust-new-identities* TRUST-MODE::
Choose when to trust new identities:
- `on-first-use` (default): Trust the first seen identity key from new users, changed keys must be verified manually
- `always`: Trust any new identity key without verification
- `never`: Don't trust any unknown identity key, every key must be verified manually

*--disable-send-log*::
Disable message send log (for resending messages that recipient couldn't decrypt).

== Commands

=== register

Register a phone number with SMS or voice verification.
Use the verify command to complete the verification.

If the account is just deactivated, the register command will just reactivate account, without requiring an SMS verification.
By default the unregister command just deactivates the account, in which case it can be reactivated without sms verification if the local data is still available.
If the account was deleted (with --delete-account) it cannot be reactivated.

*-v*, *--voice*::
The verification should be done over voice, not SMS.

*--captcha*::
The captcha token, required if registration failed with a captcha required error.
To get the token, go to https://signalcaptchas.org/registration/generate.html
For the staging environment, use: https://signalcaptchas.org/staging/registration/generate.html
Check the developer tools for a redirect starting with signalcaptcha:// Everything after signalcaptcha:// is the captcha token.

=== verify

Verify the number using the code received via SMS or voice.

VERIFICATIONCODE::
The verification code.

*-p* PIN, *--pin* PIN::
The registration lock PIN, that was set by the user.
Only required if a PIN was set.

=== unregister

Disable push support for this device, i.e. this device won't receive any more messages.
If this is the primary device, other users can't send messages to this number anymore.
Use "updateAccount" to undo this.
To remove a linked device, use "removeDevice" from the primary device.

*--delete-account*::
Delete account completely from server.
Cannot be undone without loss.
You will have to be readded to each group.

CAUTION: Only delete your account if you won't use this number again!

=== deleteLocalAccountData

Delete all local data for this account.
Data should only be deleted if the account is unregistered.

CAUTION: This cannot be undone.

*--ignore-registered*::
Delete the account data even though the account is still registered on the Signal servers.

=== updateAccount

Update the account attributes on the signal server.
Can fix problems with receiving messages.

*-n* NAME, *--device-name* NAME::
Set a new device name for the primary or linked device

=== updateConfiguration

Update signal configs and sync them to linked devices.
This command only works on the primary devices.

*--read-receipts* {true,false}::
Indicates if Signal should send read receipts.

*--unidentified-delivery-indicators* {true,false}::
Indicates if Signal should show unidentified delivery indicators.

*--typing-indicators* {true,false}::
Indicates if Signal should send/show typing indicators.

*--link-previews* {true,false}::
Indicates if Signal should generate link previews.

=== setPin

Set a registration lock pin, to prevent others from registering this number.

REGISTRATION_LOCK_PIN::
The registration lock PIN, that will be required for new registrations (resets after 7 days of inactivity)

=== removePin

Remove the registration lock pin.

=== link

Link to an existing device, instead of registering a new number.
This shows a "sgnl://linkdevice?uuid=..." URI.
If you want to connect to another signal-cli instance, you can just use this URI.
If you want to link to an Android/iOS device, create a QR code with the URI (e.g. with qrencode) and scan that in the Signal app.

*-n* NAME, *--name* NAME::
Optionally specify a name to describe this new device.
By default "cli" will be used.

=== addDevice

Link another device to this device.
Only works, if this is the primary device.

*--uri* URI::
Specify the uri contained in the QR code shown by the new device.
You will need the full URI such as "sgnl://linkdevice?uuid=..." (formerly "tsdevice:/?uuid=...") Make sure to enclose it in quotation marks for shells.

=== listDevices

Show a list of linked devices.

=== removeDevice

Remove a linked device.
Only works, if this is the primary device.

*-d* DEVICE_ID, *--device-id* DEVICE_ID::
Specify the device you want to remove.
Use listDevices to see the deviceIds.

=== getUserStatus

Uses a list of phone numbers to determine the statuses of those users.
Shows if they are registered on the Signal Servers or not.
In json mode this is outputted as a list of objects.

[NUMBER [NUMBER ...]]::
One or more numbers to check.

=== send

Send a message to another user or group.

RECIPIENT::
Specify the recipients’ phone number.

*--note-to-self*::
Send the message to self without notification.

*-g* GROUP, *--group-id* GROUP::
Specify the recipient group ID in base64 encoding.

*-m* MESSAGE, *--message* MESSAGE::
Specify the message.

*--message-from-stdin*::
Read the message from standard input.

*-a* [ATTACHMENT [ATTACHMENT ...]], *--attachment* [ATTACHMENT [ATTACHMENT ...]]::
Add one or more files as attachment.
Can be either a file path or a data URI.
Data URI encoded attachments must follow the RFC 2397.
Additionally a file name can be added:
e.g.: `data:<MIME-TYPE>;filename=<FILENAME>;base64,<BASE64 ENCODED DATA>`

*--sticker* STICKER::
Send a sticker of a locally known sticker pack (syntax: stickerPackId:stickerId).
Shouldn't be used together with `-m` as the official clients don't support this.
e.g.: `--sticker 00abac3bc18d7f599bff2325dc306d43:2`

*--mention*::
Mention another group member (syntax: start:length:recipientNumber) In the apps the mention replaces part of the message text, which is specified by the start and length values.
e.g.: `-m "Hi X!" --mention "3:1:+123456789"`

*--quote-timestamp*::
Specify the timestamp of a previous message with the recipient or group to add a quote to the new message.

*--quote-author*::
Specify the number of the author of the original message.

*--quote-message*::
Specify the message of the original message.

*--quote-mention*::
Specify the mentions of the original message (same format as `--mention`).

*--preview-url*::
Specify the url for the link preview.
The same url must also appear in the message body, otherwise the preview won't be displayed by the apps.

*--preview-title*::
Specify the title for the link preview (mandatory).

*--preview-description*::
Specify the description for the link preview (optional).

*--preview-image*::
Specify the image file for the link preview (optional).

*-e*, *--end-session*::
Clear session state and send end session message.

=== sendPaymentNotification

Send a payment notification.

RECIPIENT::
Specify the recipient’s phone number.

*--receipt* RECEIPT::
The base64 encoded receipt blob.

*--note* NOTE::
Specify a note for the payment notification.

=== sendReaction

Send reaction to a previously received or sent message.

RECIPIENT::
Specify the recipients’ phone number.

*-g* GROUP, *--group-id* GROUP::
Specify the recipient group ID in base64 encoding.

*-e* EMOJI, *--emoji* EMOJI::
Specify the emoji, should be a single unicode grapheme cluster.

*-a* NUMBER, *--target-author* NUMBER::
Specify the number of the author of the message to which to react.

*-t* TIMESTAMP, *--target-timestamp* TIMESTAMP::
Specify the timestamp of the message to which to react.

*-r*, *--remove*::
Remove a reaction.

=== sendReceipt

Send a read or viewed receipt to a previously received message.

RECIPIENT::
Specify the sender’s phone number.

*-t* TIMESTAMP, *--target-timestamp* TIMESTAMP::
Specify the timestamp of the message to which to react.

*--type* TYPE::
Specify the receipt type, either `read` (the default) or `viewed`.

=== sendTyping

Send typing message to trigger a typing indicator for the recipient.
Indicator will be shown for 15seconds unless a typing STOP message is sent first.

RECIPIENT::
Specify the recipients’ phone number.

*-g* GROUP, *--group-id* GROUP::
Specify the recipient group ID in base64 encoding.

*-s*, *--stop*::
Send a typing STOP message.

=== remoteDelete

Remotely delete a previously sent message.

RECIPIENT::
Specify the recipients’ phone number.

*-g* GROUP, *--group-id* GROUP::
Specify the recipient group ID in base64 encoding.

*-t* TIMESTAMP, *--target-timestamp* TIMESTAMP::
Specify the timestamp of the message to delete.

=== receive

Query the server for new messages.
New messages are printed on standard output and attachments are downloaded to the config directory.
In json mode this is outputted as one json object per line.

*-t* TIMEOUT, *--timeout* TIMEOUT::
Number of seconds to wait for new messages (negative values disable timeout).
Default is 5 seconds.

*--ignore-attachments*::
Don’t download attachments of received messages.

*--ignore-stories*::
Don’t receive story messages from the server.


*--send-read-receipts*::
Send read receipts for all incoming data messages (in addition to the default delivery receipts)

=== joinGroup

Join a group via an invitation link.

*--uri*::
The invitation link URI (starts with `https://signal.group/#`)

=== updateGroup

Create or update a group.
If the user is a pending member, this command will accept the group invitation.

*-g* GROUP, *--group-id* GROUP::
Specify the recipient group ID in base64 encoding.
If not specified, a new group with a new random ID is generated.

*-n* NAME, *--name* NAME::
Specify the new group name.

*-d* DESCRIPTION, *--description* DESCRIPTION::
Specify the new group description.

*-a* AVATAR, *--avatar* AVATAR::
Specify a new group avatar image file.

*-m* [MEMBER [MEMBER ...]], *--member* [MEMBER [MEMBER ...]]::
Specify one or more members to add to the group.

*-r* [MEMBER [MEMBER ...]], *--remove-member* [MEMBER [MEMBER ...]]::
Specify one or more members to remove from the group

*--admin* [MEMBER [MEMBER ...]]::
Specify one or more members to make a group admin

*--remove-admin* [MEMBER [MEMBER ...]]::
Specify one or more members to remove group admin privileges

*--ban* [MEMBER [MEMBER ...]]::
Specify one or more members to ban from joining the group.
Banned members cannot join or request to join via a group link.

*--unban* [MEMBER [MEMBER ...]]::
Specify one or more members to remove from the ban list

*--reset-link*::
Reset group link and create new link password

*--link* LINK_STATE::
Set group link state: `enabled`, `enabled-with-approval`, `disabled`

*--set-permission-add-member* PERMISSION::
Set permission to add new group members: `every-member`, `only-admins`

*--set-permission-edit-details* PERMISSION::
Set permission to edit group details: `every-member`, `only-admins`

*--set-permission-send-messages* PERMISSION::
Set permission to send messages in group: `every-member`, `only-admins`
Groups where only admins can send messages are also called announcement groups

*-e* EXPIRATION_SECONDS, *--expiration* EXPIRATION_SECONDS::
Set expiration time of messages (seconds).
To disable expiration set expiration time to 0.

=== quitGroup

Send a quit group message to all group members and remove self from member list.
If the user is a pending member, this command will decline the group invitation.

*-g* GROUP, *--group-id* GROUP::
Specify the recipient group ID in base64 encoding.

*--delete*::
Delete local group data completely after quitting group.

=== listGroups

Show a list of known groups and related information.
In json mode this is outputted as an list of objects and is always in detailed mode.

*-d*, *--detailed*::
Include the list of members of each group and the group invite link.

*-g*, *--group-id*::
Filter the group list by one or more group IDs.

=== listContacts

Show a list of known contacts with names and profiles.
When a specific recipient is given, its profile will be refreshed.

RECIPIENT::
Specify the recipients’ phone number.

*-a*, *--all-recipients*::
Include all known recipients, not only contacts.

*--blocked*::
Specify if only blocked or unblocked contacts should be shown (default: all contacts)

*--name*::
Find contacts with the given contact or profile name.

=== listIdentities

List all known identity keys and their trust status, fingerprint and safety number.

*-n* NUMBER, *--number* NUMBER::
Only show identity keys for the given phone number.

=== trust

Set the trust level of a given number.
The first time a key for a number is seen, it is trusted by default (TOFU).
If the key changes, the new key must be trusted manually.

number::
Specify the phone number, for which to set the trust.

*-a*, *--trust-all-known-keys*::
Trust all known keys of this user, only use this for testing.

*-v* VERIFIED_SAFETY_NUMBER, *--verified-safety-number* VERIFIED_SAFETY_NUMBER::
Specify the safety number of the key, only use this option if you have verified the safety number.
Can be either the plain text numbers shown in the app or the bytes from the QR-code, encoded as base64.

=== updateProfile

Update the profile information shown to message recipients.
The profile is stored encrypted on the Signal servers.
The decryption key is sent with every outgoing messages to contacts and included in every group.

*--given-name* NAME, *--name* NAME::
New (given) name.

*--family-name* FAMILY_NAME::
New family name.

*--about* ABOUT_TEXT::
New profile status text.

*--about-emoji* EMOJI::
New profile status emoji.

*--avatar* AVATAR_FILE::
Path to the new avatar image file.

*--remove-avatar*::
Remove the avatar

*--mobile-coin-address*::
New MobileCoin address (Base64 encoded public address)

=== updateContact

Update the info associated to a number on our contact list.
This change is only local but can be synchronized to other devices by using `sendContacts` (see below).
If the contact doesn't exist yet, it will be added.

NUMBER::
Specify the contact phone number.

*--given-name* NAME, *--name* NAME::
New (given) name.

*--family-name* FAMILY_NAME::
New family name.

*-e*, *--expiration* EXPIRATION_SECONDS::
Set expiration time of messages (seconds).
To disable expiration set expiration time to 0.

=== removeContact

Remove the info of a given contact

NUMBER::
Specify the contact phone number.

*--forget*::
Delete all data associated with this contact, including identity keys and sessions.

=== block

Block the given contacts or groups (no messages will be received).
This change is only local but can be synchronized to other devices by using `sendContacts` (see below).

[CONTACT [CONTACT ...]]::
Specify the phone numbers of contacts that should be blocked.

*-g* [GROUP [GROUP ...]], *--group-id* [GROUP [GROUP ...]]::
Specify the group IDs that should be blocked in base64 encoding.

=== unblock

Unblock the given contacts or groups (messages will be received again).
This change is only local but can be synchronized to other devices by using `sendContacts` (see below).

[CONTACT [CONTACT ...]]::
Specify the phone numbers of contacts that should be unblocked.

*-g* [GROUP [GROUP ...]], *--group-id* [GROUP [GROUP ...]]::
Specify the group IDs that should be unblocked in base64 encoding.

=== sendContacts

Send a synchronization message with the local contacts list to all linked devices.
This command should only be used if this is the primary device.

=== sendSyncRequest

Send a synchronization request message to the primary device (for group, contacts, ...).
The primary device will respond with synchronization messages with full contact and group lists.

=== uploadStickerPack

Upload a new sticker pack, consisting of a manifest file and the sticker images.
Images must conform to the following specification: (see https://support.signal.org/hc/en-us/articles/360031836512-Stickers#sticker_reqs )

- Static stickers in PNG or WebP format
- Animated stickers in APNG format,
- Maximum file size for a sticker file is 300KiB
- Image resolution of 512 x 512 px

The required manifest.json has the following format:

[source,json]
----
{
  "title": "<STICKER_PACK_TITLE>",
  "author": "<STICKER_PACK_AUTHOR>",
  "cover": { // Optional cover, by default the first sticker is used as cover
    "file": "<name of image file, mandatory>",
    "contentType": "<optional>",
    "emoji": "<optional>"
  },
  "stickers": [
    {
      "file": "<name of image file, mandatory>",
      "contentType": "<optional>",
      "emoji": "<optional>"
    }
    ...
  ]
}
----

PATH::
The path of the manifest.json or a zip file containing the sticker pack you wish to upload.

=== daemon

signal-cli can run in daemon mode and provides an experimental dbus or JSON-RPC interface.
If no `-a` account is given, all local accounts will be exported as separate dbus objects under the same bus name.

*--dbus*::
Export DBus interface on user bus.
See signal-cli-dbus (5) for info on the dbus interface.

*--dbus-system*::
Export DBus interface on system bus.
See signal-cli-dbus (5) for info on the dbus interface.

*--socket [SOCKET]*::
Export a JSON-RPC interface on a UNIX socket (default $XDG_RUNTIME_DIR/signal-cli/socket).
See signal-cli-jsonrpc (5) for info on the JSON-RPC interface.

*--tcp [HOST:PORT]*::
Export a JSON-RPC interface on a TCP socket (default localhost:7583).
See signal-cli-jsonrpc (5) for info on the JSON-RPC interface.

*--ignore-attachments*::
Don’t download attachments of received messages.

*--ignore-stories*::
Don’t receive story messages from the server.

*--send-read-receipts*::
Send read receipts for all incoming data messages (in addition to the default delivery receipts)

*--no-receive-stdout*::
Don’t print received messages to stdout.

*--receive-mode*::
Specify when to start receiving messages (on-start, on-connection, manual)

== Examples

Register a number (with SMS verification)::
signal-cli -a ACCOUNT register

Verify the number using the code received via SMS or voice::
signal-cli -a ACCOUNT verify CODE

Send a message to one or more recipients::
signal-cli -a ACCOUNT send -m "This is a message" [RECIPIENT [RECIPIENT ...]] [-a [ATTACHMENT [ATTACHMENT ...]]]

Pipe the message content from another process::
uname -a | signal-cli -a ACCOUNT send --message-from-stdin [RECIPIENT [RECIPIENT ...]]

Create a group::
signal-cli -a ACCOUNT updateGroup -n "Group name" -m [MEMBER [MEMBER ...]]

Add member to a group::
signal-cli -a ACCOUNT updateGroup -g GROUP_ID -m "NEW_MEMBER"

Accept a group invitation::
signal-cli -a ACCOUNT updateGroup -g GROUP_ID

Leave a group::
signal-cli -a ACCOUNT quitGroup -g GROUP_ID

Send a message to a group::
signal-cli -a ACCOUNT send -m "This is a message" -g GROUP_ID

Trust new key, after having verified it::
signal-cli -a ACCOUNT trust -v SAFETY_NUMBER NUMBER

Trust new key, without having verified it. Only use this if you don't care about security::
signal-cli -a ACCOUNT trust -a NUMBER

== Exit codes

* *1*: Error is probably caused and fixable by the user
* *2*: Some unexpected error
* *3*: Server or IO error
* *4*: Sending failed due to untrusted key

== Files

The password and cryptographic keys are created when registering and stored in the current users home directory, the directory can be changed with *--config*:

`$XDG_DATA_HOME/signal-cli/` (`$HOME/.local/share/signal-cli/`)

== Authors

Maintained by AsamK <asamk@gmx.de>, who is assisted by other open source contributors.
For more information about signal-cli development, see
<https://github.com/AsamK/signal-cli>.