npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@beshkenadze/opencode-claude-auth

v0.7.3

Published

OpenCode plugin that uses your Claude Code credentials — no separate login needed.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

beshkenadzebeshkenadze

Keywords

opencodeclaudeanthropicpluginauth

Readme

opencode-claude-auth (personal fork)

CI

Self-contained Anthropic auth provider for OpenCode using your Claude Code credentials — no separate login or API key needed.

How it works

The plugin registers its own auth provider with a custom fetch handler that intercepts all Anthropic API requests. It reads OAuth tokens from the macOS Keychain (or ~/.claude/.credentials.json on other platforms), caches them in memory with a 30-second TTL, and handles the full request lifecycle — no builtin Anthropic auth plugin required.

It also syncs credentials to OpenCode's auth.json as a fallback (on Windows, it writes to both %USERPROFILE%\.local\share\opencode\auth.json and %LOCALAPPDATA%\opencode\auth.json to cover all installation methods). If a token is near expiry, it runs the Claude CLI to trigger a refresh. Background re-sync runs every 5 minutes.

Prerequisites

  • Claude Code installed and authenticated (run claude at least once)
  • OpenCode installed

macOS is preferred (uses Keychain). Linux and Windows work via the credentials file fallback.

Installation

Install with AI

Paste this into your AI agent (Claude Code, Cursor, Copilot, etc.):

Fetch https://raw.githubusercontent.com/beshkenadze/opencode-claude-auth/security-hardening/installation.md and follow every step exactly as written.

Manual install

bun install -g "github:beshkenadze/opencode-claude-auth#security-hardening"

Then add to the plugin array in your opencode.json:

{
  "plugin": ["@beshkenadze/opencode-claude-auth"]
}

Usage

Just run OpenCode. The plugin handles auth automatically — it reads your Claude Code credentials, provides them to the Anthropic API, and refreshes them in the background. If your credentials aren't OAuth-based, the plugin falls through to standard API key auth.

Supported models

15 supported models. Run bun run test:models to verify against your account.

| Model | |-------| | claude-3-haiku-20240307 | | claude-haiku-4-5 | | claude-haiku-4-5-20251001 | | claude-opus-4-0 | | claude-opus-4-1 | | claude-opus-4-1-20250805 | | claude-opus-4-20250514 | | claude-opus-4-5 | | claude-opus-4-5-20251101 | | claude-opus-4-6 | | claude-sonnet-4-0 | | claude-sonnet-4-20250514 | | claude-sonnet-4-5 | | claude-sonnet-4-5-20250929 | | claude-sonnet-4-6 |

Credential sources

The plugin checks these in order:

  1. macOS Keychain ("Claude Code-credentials" entry)
  2. ~/.claude/.credentials.json (fallback, works on all platforms)

Troubleshooting

| Problem | Solution | |---------|----------| | "Credentials not found" | Run claude to authenticate with Claude Code first | | "Keychain is locked" | Run security unlock-keychain ~/Library/Keychains/login.keychain-db | | "Token expired and refresh failed" | The plugin runs claude CLI to refresh automatically. If this fails, re-authenticate manually by running claude | | Not working on Linux/Windows | Ensure ~/.claude/.credentials.json exists. Run claude to create it | | Keychain access denied | Grant access when macOS prompts you | | Keychain read timed out | Restart Keychain Access (can happen on macOS Tahoe) | | "Credentials are unavailable or expired" | Run claude to refresh your Claude Code credentials |

Environment variable overrides

All configurable parameters can be overridden via environment variables. If Anthropic changes something before we publish an update, set an env var and keep working:

| Variable | Description | Default | |----------|-------------|---------| | ANTHROPIC_CLI_VERSION | Claude CLI version for user-agent and billing headers | 2.1.80 | | ANTHROPIC_USER_AGENT | Full User-Agent string (overrides CLI version) | claude-cli/{version} (external, cli) | | ANTHROPIC_BETA_FLAGS | Comma-separated beta feature flags | claude-code-20250219,oauth-2025-04-20,interleaved-thinking-2025-05-14,prompt-caching-scope-2026-01-05 |

Example:

export ANTHROPIC_CLI_VERSION=2.2.0

How it works (technical)

  • Registers an auth.loader with a custom fetch that intercepts all Anthropic API requests
  • Sets Authorization: Bearer with fresh OAuth tokens (cached in memory, 30s TTL)
  • Translates tool names between OpenCode and Anthropic API formats (adds/strips mcp_ prefix)
  • Buffers SSE response streams at event boundaries for reliable tool name translation
  • Injects Claude Code identity into system prompts via experimental.chat.system.transform
  • Sets required API headers (beta flags, billing, user-agent) with model-aware selection
  • Syncs credentials to auth.json on startup and every 5 minutes as a fallback
  • On Windows, writes to both %USERPROFILE%\.local\share\opencode\auth.json and %LOCALAPPDATA%\opencode\auth.json
  • Retries API requests on 429 (rate limit) and 529 (overloaded) with exponential backoff, respecting retry-after headers
  • When a token is within 60 seconds of expiry, runs claude CLI to trigger a refresh (with one automatic retry)
  • If credentials aren't OAuth-based, the auth loader returns {} and falls through to API key auth
  • If credentials are unavailable or unreadable, the plugin disables itself and OpenCode continues without Claude auth

Disclaimer

This plugin uses Claude Code's OAuth credentials to authenticate with Anthropic's API. Anthropic's Terms of Service state that Claude Pro/Max subscription tokens should only be used with official Anthropic clients. This plugin exists as a community workaround and may stop working if Anthropic changes their OAuth infrastructure. Use at your own discretion.

License

MIT