CLI

The FlurryPORT CLI (npm package: flurryport) is the bridge between captures stored on FlurryPORT and code running on your laptop. It is the only way to forward live webhook traffic — captures or replay sequences — to a localhost dev server, because FlurryPORT itself runs in the cloud and cannot reach your machine.

Use cases

Solo developer forwarding to localhost

You point Stripe (or any provider) at a FlurryPORT capture URL. Captures land in FlurryPORT encrypted. To exercise your local webhook handler with real provider traffic, create a replay target pointing at http://localhost:3000/webhooks (or wherever your dev server listens), then run flurryport listen. Every capture on that endpoint is forwarded to localhost with the original headers, body, and HMAC signature intact. The response your local server returns is recorded back to FlurryPORT so you can see pass/fail in the UI.

Team sharing via Personal Access Tokens

A project owner generates a PAT in Settings → Access Tokens and shares it with a teammate. The teammate runs flurryport login --name alice <token> to store it as a named account. They can now create their own replay target pointing at their localhost (flurryport target create) and flurryport listen to receive forwards. PAT restrictions prevent them from deleting or mutating the owner’s projects, endpoints, or captures — only replay-related writes are allowed.

Install

npm install -g flurryport

The flurryport binary is installed globally. Run flurryport --help for a full command list.

First run

Generate a Personal Access Token in Settings → Access Tokens, then store it:

# Single account on the default (prod) environment
flurryport login fp_your_token_here

# Named account, useful when you have more than one
flurryport login --name alice fp_your_token_here

You only need to do this once per account. The token is stored in ~/.flurryport/config.json.

Commands

listen

Discover localhost replay targets, attach to one, and forward executions until you press Ctrl+C.

flurryport listen
flurryport listen --interval 5000          # custom poll interval (default 3000ms)
flurryport listen --account alice          # override active account for this run

When the CLI starts, any pending executions created before startup are marked as stale and dead-lettered — it only forwards executions created after it begins listening. This prevents replaying a stale backlog when you restart.

Sequence replays (triggered from the UI via "Run collection") are grouped under a header in the CLI output, so you can visually track multi-item runs.

target create

Create a replay target without leaving the terminal. With no flags, the wizard auto-picks the only project/endpoint or prompts when there are several.

# Interactive wizard
flurryport target create

# Fully scripted (skip all prompts)
flurryport target create \
  --project my-project \
  --endpoint stripe-webhook \
  --url http://localhost:3000/webhooks \
  --name "My local"

Targets created via the CLI default to AutoReplay: false. Auto-forward must be enabled in the web UI — the CLI deliberately does not flip that flag because auto-forward to an unverified domain would amplify webhook traffic. (Localhost is exempt from domain verification because the CLI is what delivers it.)

login

flurryport login fp_your_token_here              # default account
flurryport login --name alice fp_token            # named account in the active environment

account

Manage multiple accounts within the active environment. Useful when you contribute to several teams’ projects.

flurryport account list           # list accounts in active environment
flurryport account use alice      # switch active account
flurryport account remove alice   # delete an account from config

config

flurryport config show

Shows the active account and all configured accounts.

Configuration file

Config lives at ~/.flurryport/config.json and is rewritten on every command. Direct editing is supported.

{
  "activeEnvironment": "prod",
  "environments": {
    "prod": {
      "apiUrl": "https://api.flurryport.io",
      "activeAccount": "me",
      "accounts": {
        "me":    { "apiKey": "fp_..." },
        "alice": { "apiKey": "fp_..." }
      }
    }
  }
}

Pre-existing flat configs ({ apiUrl, apiKey }) from earlier CLI versions are auto-migrated to the new shape on first load.

Authentication & PAT restrictions

The CLI authenticates via fp_ Personal Access Tokens passed as Authorization: Bearer fp_.... The Users and Billing APIs reject PAT auth entirely — only the Core API accepts it, and only for these operations:

✓

Reading projects, endpoints, captures, replay targets, executions, sequences, collections

✓

Creating, updating, and deleting replay targets

✓

Triggering replays, batch replays, sequence replays, and collection runs

✓

Recording CLI replay results back to FlurryPORT

✗

Mutating projects, endpoints, captures, plans, billing, or domain verifications

✗

Anything in the Users or Billing APIs (settings, terms, feedback, subscriptions)

This means a teammate with your PAT can forward your captures to their localhost and create their own replay targets, but cannot delete your projects, modify your billing, or extend their own access. Lost or leaked tokens can be revoked individually from Settings.

How `listen` works internally

CLI fetches your projects + endpoints + replay targets, filters to those with localhost URLs.

You pick which target to attach to (auto-selected when there’s only one).

Any pending executions created before this CLI session started are claimed and dead-lettered — prevents replaying a stale backlog on restart.

CLI polls the pending-executions endpoint every few seconds for the chosen target.

For each pending execution, fetches the original captured request, decrypts on the server side, returns the bytes, and the CLI POSTs them to your localhost URL with the original method + headers + body.

The response (status, headers, body preview, duration) is recorded back to FlurryPORT via /api/v1/replay/record, so the execution shows up complete in the web UI.

Limitations & notes

⚠️ The server-side replay processor deliberately skips localhost targets — only the CLI can forward to localhost. If you trigger a replay to a localhost target while the CLI is not running, it sits Pending for one minute and is then marked dead-lettered.

⚠️ The CLI does not honor the StopOnFailure flag itself. The server marks remaining sequence items as Skipped on the first non-2xx response, so the CLI’s next poll won’t see them — the effect is the same, but the mechanism is server-side, not client-side.

⚠️ Multiple `flurryport listen` instances on the same target compete for executions. The pending-executions endpoint claims rows atomically, so each execution is forwarded exactly once — but ordering is not guaranteed across competing listeners.