Skip to end of metadata
Go to start of metadata


Thank you for your interest in the Amplify CLI. This documentation covers the Amplify CLI up to version 1.5.x.

As always we seek to provide the best solutions possible to help you achieve your business needs. We recommend trying out the Axway CLI, which replaces the Amplify CLI and provides a richer feature set with a more robust experience. Check out the Axway CLI documentation for more information on how to download and try it out.

The troubleshooting section includes details on error and other messages you may receive using the Amplify CLI, why the message may have occurred, and suggested methods to resolve them.

Error: EACCESS: permission denied, access '/usr/local/lib/node_modules'

When installing the Amplify CLI on macOS or Linux, the global install location may require elevated access permissions.

One solution is to rerun the install using sudo:

Another option is to change the file owner of the global install location:

npm offers two more options: use a node version manager or change npm's default directory. Visit npm's documentation for more details:

Secure token store is not available

This issue can occur in Amplify CLI 1.1.0 and earlier on Linux and macOS. It is caused by a failure to install the keytar library needed to securely store your access tokens.

The most likely culprit is a permission issue accessing the npm home directory ~/.npm when compiling keytar. You can try to manually fix the file permissions or re-install the Amplify CLI with unsafe permissions disabled:

Error: Prebuild-install WARN install self signed certificate in certificate chain (code 1)

This issue is caused when the Amplify CLI attempts to install the keytar library and you are using a proxy server that uses a self-signed certificate. By default, Node.js (and npm) error when making an HTTPS request to a server that has a TLS certificate that is signed by an unknown authority. There are two workarounds.

1. Disable secure token storage:


2. Disable Node.js TLS certificate validation by setting the following environment variable:

Error: tunneling socket could not be established, cause=self signed certificate

This occurs when you are using a proxy server with a self-signed SSL certificate. The only way to get around this is to disable Node.js TLS certificate validation by setting the following environment variable:

Error: Fetch user info failed: Response code 401 (Unauthorized)

This is caused by a bug and occurs when you think you have a valid access token, but the Amplify Platform has revoked the access token. This is most likely caused by switching your current selected organization.

The workaround is to log out and log back in:

Error: Amplify Auth requires "libsecret" which must be manually installed.

The Amplify CLI by default will store your access tokens securely in a file on disk. On Linux, we use a library that requires libsecret. To install it, run:

Error: Cannot autolaunch D-Bus without X11 $DISPLAY

This issue occurs on headless Linux machines, Docker containers, and SSH sessions. The problem is the libsecret library has dependencies on X11 display server so that a dialog can prompt the user for their password and unlock the secure token store encryption key.

Unfortunately, headless Linux environments are not supported.

Login hangs

By default, the Amplify CLI authenticates using your web browser. The Amplify CLI will appear to freeze or hang while it waits for the browser to open and for you to sign in. The AMPLIFY CLI does not know if the browser launched successfully and thus it appears it has hung.

Try the following:

  1. Logout by running amplify auth logout --all, then login again.
  2. Restart your terminal to ensure the system paths are untainted and that the AMPLIFY CLI can find your default web browser, then login again.
  3. Disable launching the browser and manually copy and paste the URL into your browser by running amplify auth login --no-launch-browser.

Your web browser must be in the same environment for which the login command was run. You cannot authenticate a remote or headless machine unless you have been issued a signed JWT token or client secret service account by Axway ID.

Error: npm ERR! code ENOENT (code 254)

This error is caused with the AMPLIFY CLI v1 authentication related commands if the keytar dependency for your Node.js version is not installed. The AMPLIFY Auth SDK will automatically download keytar and install it into the ~/.axway/lib/keytar directory. However, some versions of npm (notably npm 7) may not create the destination directory if it doesn't already exist.

Some possible workarounds are:

  • Downgrade to npm 6.x
  • Set the SNOOPLOGG=* environment variable, then run amplify auth ls and view the entire npm error, then find the exact destination directory (also called the "prefix") and manually create the directory
  • Disable the secure token store by running amplify config set auth.tokenStoreType file
  • No labels