---
description: Troubleshoot common YutoCode issues such as login failures, authorization problems, provider 403 responses, or unavailable commands.
---

# Troubleshooting

## 1. `yuto` Is Not Found After Installation

Run:

```bash
yuto --version
```

If the shell says the command does not exist, the common causes are:

- installation did not finish
- the current shell session has not refreshed its environment
- the terminal window is still using a pre-install session

The simplest fix is usually to open a fresh terminal and run `yuto --version` again.

## 2. Browser Error After OpenAI Codex Login

The recommended flow is to paste the full browser redirect URL back into the terminal:

```text
http://localhost:1455/auth/callback?code=...&state=...
```

If you only copy part of it, or do not paste the full callback URL back, the login will not complete.

## 3. Anthropic OAuth Returns 403

If you see something like:

```text
OAuth authentication is currently not allowed for this organization
```

the current organization policy is blocking that OAuth path. In practice the options are:

- switch to an organization that allows the capability
- use `ANTHROPIC_API_KEY` instead

## 4. A Command Says the Current Version Does Not Include That Subsystem

If you see a message like:

```text
This source snapshot does not include this subsystem yet.
```

do not assume the installation is broken first. A more common explanation is that the public version you are using does not expose that subsystem yet.

Check these first:

1. `yuto --version`
2. `yuto update --check`

and verify whether you are already on the latest public release.

## 5. Not Sure Which Provider Is Currently Active

Run:

```bash
yuto auth status --json
```

If you maintain multiple profiles, also run:

```bash
yuto auth profiles --json
```

This is more reliable than trying to infer it from memory.

## 6. What to Include When Reporting a Problem

Start by collecting:

```bash
yuto doctor --json
yuto auth status --json
```

Then add:

- the failing command
- the complete error output
- the current working directory
- the operating-system version

## 7. What Not to Share Publicly

Do not post these items publicly:

- API keys
- OAuth access tokens
- refresh tokens
- the full contents of credential files

If you must share a config example, redact it first and keep only the structure plus non-sensitive fields.