> ## Documentation Index
> Fetch the complete documentation index at: https://authsome.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Linear

> Log in to Linear from authsome via OAuth2. Tokens are stored locally and refreshed automatically.

Linear is a bundled OAuth2 provider in authsome. Linear teams, projects, issues, comments. Read and write scopes.

## At a glance

|                           |                           |
| ------------------------- | ------------------------- |
| Provider name             | `linear`                  |
| Display name              | Linear                    |
| Auth type                 | OAuth2                    |
| Default flow              | `pkce`, PKCE browser flow |
| PKCE supported            | Yes                       |
| Device code supported     | No                        |
| DCR supported             | No                        |
| Default scopes            | `read`, `write`           |
| Proxy host                | `regex:.*\.linear\.app`   |
| Env var (`access_token`)  | `LINEAR_ACCESS_TOKEN`     |
| Env var (`refresh_token`) | `LINEAR_REFRESH_TOKEN`    |

## Prerequisites

You need to register an OAuth app with Linear once. Create an OAuth application in your Linear workspace settings. Set the callback URL to authsome's, and copy the client ID and secret.

The redirect URI must be:

```text theme={null}
http://127.0.0.1:7998/auth/callback/oauth
```

This is the only callback URL authsome's PKCE flow listens on.

Dashboard: [https://linear.app/settings/api/applications/new](https://linear.app/settings/api/applications/new).

## Log in

```bash theme={null}
authsome login linear
```

The first time, authsome opens a local form at `http://127.0.0.1:7998` to collect your `client_id` and `client_secret`. They are encrypted in your vault and reused on every subsequent login. A second browser window then opens to `https://linear.app/oauth/authorize` for the authorization step.

Verify:

```bash theme={null}
authsome get linear --field status
# → connected
```

## Custom scopes

The bundled definition requests `read`, `write`. Override at login time:

```bash theme={null}
authsome login linear --scopes "<comma-separated>"
```

The granted scopes are stored on the connection and visible in `authsome get linear`.

## Multiple accounts

Pass `--connection <name>` on `login` and on every read command to keep two or more accounts on the same provider side by side. See [Multiple connections per provider](/guides/multiple-connections) for the full pattern.

```bash theme={null}
authsome login linear --connection personal
authsome login linear --connection work
```

## Use the token

Run the agent under the proxy (recommended).

<CodeGroup>
  ```bash Proxy (recommended) theme={null}
  authsome run -- python my_agent.py
  ```

  ```bash Environment theme={null}
  eval "$(authsome export linear --format env)"
  ```
</CodeGroup>

Under the proxy, authsome sets `LINEAR_ACCESS_TOKEN=authsome-proxy-managed` in the child's environment and injects the real token into outbound requests to `regex:.*\.linear\.app`. The child process never sees the actual value. Refresh tokens are never exported.

## Override the bundled definition

```bash theme={null}
authsome inspect linear > ~/.authsome/providers/linear.json
# edit scopes, base_url, or anything else
authsome list   # source now shows "custom" for linear
```

User-registered files always win over bundled definitions.

## What's next

<Columns cols={2}>
  <Card title="Run agents with the proxy" icon="shield-halved" href="/guides/run-agents-with-proxy">
    Inject the access token into outbound requests without exposing it.
  </Card>

  <Card title="Multiple connections per provider" icon="users" href="/guides/multiple-connections">
    Keep two or more accounts on the same provider side by side.
  </Card>

  <Card title="OAuth providers" icon="right-to-bracket" href="/integrations/oauth/index">
    All bundled OAuth providers.
  </Card>
</Columns>
