Does "sf org list" try to 'touch' all the orgs?

[codeulike]

The output from sf org list contains a column Status with 'connected' or 'unable to connect'.
Presumably it is doing this by testing its connection with each instance?
Does it refresh tokens if needed?
Thanks.

[cristiand391]

Presumably it is doing this by testing its connection with each instance?
Does it refresh tokens if needed?

correct, each org status value in that column requires an API call to see if the connection it's valid or not.
If the API call fails due to the access token in your auth file being expired it will refresh it.

Note that refreshing expired access tokens is done at the core libraries(jsforce and sfdx-core), so you shouldn't need to worry about running sf org list before any command jus to ensure tokens are valid b/c all commands handle that for you.

If you want a faster way to list auth'd orgs you can run:

1. sf org list --skip-connection-status: skips the conn check, it might do some API calls for scratch orgs but it's noticeable faster.
2. sf org list auth: only lists authenticated orgs, no API checks so some of them might not be usable (expired scratch org, deleted sandbox, etc).