diff --git a/cmd/src/login.go b/cmd/src/login.go
index 43ccfe0347..9818c245b6 100644
--- a/cmd/src/login.go
+++ b/cmd/src/login.go
@@ -110,7 +110,11 @@ func loginCmd(ctx context.Context, p loginParams) error {
 	}
 
 	_, flow := selectLoginFlow(p)
-	return flow(ctx, p)
+	if err := flow(ctx, p); err != nil {
+		return err
+	}
+	fmt.Fprintf(p.out, "\n💡 Tip: To use this endpoint in your shell, run:\n\n   export SRC_ENDPOINT=%s\n\n", p.cfg.endpointURL)
+	return nil
 }
 
 // selectLoginFlow decides what login flow to run based on configured AuthMode.
diff --git a/cmd/src/login_test.go b/cmd/src/login_test.go
index 6a286c4b5a..1250d1adb9 100644
--- a/cmd/src/login_test.go
+++ b/cmd/src/login_test.go
@@ -115,7 +115,7 @@ func TestLogin(t *testing.T) {
 		if err != nil {
 			t.Fatal(err)
 		}
-		wantOut := "✔︎ Authenticated as alice on $ENDPOINT"
+		wantOut := "✔︎ Authenticated as alice on $ENDPOINT\n\n\n💡 Tip: To use this endpoint in your shell, run:\n\n   export SRC_ENDPOINT=$ENDPOINT"
 		wantOut = strings.ReplaceAll(wantOut, "$ENDPOINT", s.URL)
 		if out != wantOut {
 			t.Errorf("got output %q, want %q", out, wantOut)
@@ -156,7 +156,7 @@ func TestLogin(t *testing.T) {
 			t.Fatal("expected stored oauth token to avoid device flow")
 		}
 		gotOut := strings.TrimSpace(out.String())
-		wantOut := "✔︎ Authenticated as alice on $ENDPOINT\n\n\n✔︎ Authenticated with OAuth credentials"
+		wantOut := "✔︎ Authenticated as alice on $ENDPOINT\n\n\n✔︎ Authenticated with OAuth credentials\n\n💡 Tip: To use this endpoint in your shell, run:\n\n   export SRC_ENDPOINT=$ENDPOINT"
 		wantOut = strings.ReplaceAll(wantOut, "$ENDPOINT", s.URL)
 		if gotOut != wantOut {
 			t.Errorf("got output %q, want %q", gotOut, wantOut)