Named profile manager for Claude Code, Codex CLI, and Gemini CLI.
Switch between work, personal, and client accounts in one command - across all three AI coding agents.
Claude Code, Codex CLI, and Gemini CLI each store credentials in different locations - files, OS keychains, and tool-specific directories. If you maintain separate work and personal accounts, or manage credentials for multiple clients, switching means editing hidden files, copying tokens, and hoping nothing breaks.
aisw solves this with named profiles. Each profile is a captured snapshot of a tool's auth state. Switching is a single command that atomically replaces the live credentials and produces a clean rollback on failure.
# Homebrew (macOS and Linux)
brew tap burakdede/tap
brew install aisw
# Shell installer (Linux/macOS)
curl -fsSL https://raw.githubusercontent.com/burakdede/aisw/main/install.sh | sh
# Cargo
cargo install aisw# Bootstrap: creates ~/.aisw/, offers shell-hook setup,
# imports any currently logged-in accounts
aisw init
# Store profiles
aisw add claude work --api-key "$ANTHROPIC_API_KEY"
aisw add claude personal
aisw add codex work --api-key "$OPENAI_API_KEY"
aisw add gemini work --api-key "$GEMINI_API_KEY"
# Switch
aisw use claude work
aisw use --all --profile personal # switch all tools at once
# Inspect
aisw status
aisw list| Tool | Binary | Auth methods | macOS | Linux | Windows |
|---|---|---|---|---|---|
| Claude Code | claude |
OAuth, API key | Full | Full | Full |
| Codex CLI | codex |
OAuth, API key | Full | Full | Full |
| Gemini CLI | gemini |
OAuth, API key | Full | Full | Full |
Credentials are stored in the native OS keyring where available (macOS Keychain, Linux Secret Service, Windows Credential Manager) and fall back to encrypted local files with 0600 permissions.
aisw init [--yes]
aisw add <tool> <profile> [--api-key KEY] [--from-env] [--from-live] [--label TEXT] [--set-active]
aisw use <tool> <profile> [--state-mode isolated|shared]
aisw use --all --profile <profile>
aisw list [tool] [--json]
aisw status [--json]
aisw remove <tool> <profile> [--yes] [--force]
aisw rename <tool> <old> <new>
aisw backup list [--json]
aisw backup restore <backup_id> [--yes]
aisw uninstall [--dry-run] [--remove-data] [--yes]
aisw shell-hook <bash|zsh|fish>
aisw doctor [--json]
Credentials never leave the local machine. There is no remote service, no telemetry, and no credential proxy. All profile files are written with 0600 permissions. OS keyring integration uses the platform-native API directly. See Security for the full posture.
MIT.