npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

opencode-kiro-auth

v1.0.0

Published

Kiro Desktop Auth plugin for Opencode - access Claude and Gemini using Kiro credentials

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

freedomzerofreedomzero

Keywords

opencodekiroawscodewhispereroauthpluginauthclaudegemini

Readme

opencode-kiro-auth

Opencode plugin for Kiro Desktop Auth (AWS CodeWhisperer).

Access Claude and Gemini models using Kiro Desktop credentials with automatic account rotation.

Features

  • Kiro Desktop Auth: Uses Kiro's refresh token-based authentication
  • Multi-account Rotation: Automatically switch between accounts on rate limits (429)
  • Automatic Token Refresh: Tokens are refreshed automatically when they expire
  • Sticky Account Selection: Keeps using the same account until rate-limited
  • Configurable: Support for global and project-local configuration files

Installation

# Using npm
npm install opencode-kiro-auth

# Using bun
bun add opencode-kiro-auth

Configuration

Config File Locations

Priority (highest wins):

  • Project: .opencode/kiro.json
  • User: ~/.config/opencode/kiro.json (Linux/Mac)
  • User: %APPDATA%\opencode\kiro.json (Windows)

Environment Variables

Environment variables always override config file values:

| Variable | Description | Default | |----------|-------------|----------| | OPENCODE_KIRO_QUIET | Suppress toast notifications | false | | OPENCODE_KIRO_DEBUG | Enable debug logging | false | | OPENCODE_KIRO_ACCOUNT_SELECTION_STRATEGY | Account selection strategy (sticky, round-robin) | sticky | | OPENCODE_KIRO_PID_OFFSET_ENABLED | Enable PID-based account offset | false |

Example Config

{
  "quiet_mode": false,
  "debug": false,
  "max_rate_limit_wait_seconds": 300,
  "account_selection_strategy": "sticky",
  "pid_offset_enabled": false,
  "switch_on_first_rate_limit": true,
  "auto_update": true
}

OpenCode Provider Configuration

To enable multimodal support (images, PDFs), you need to configure model capabilities in your OpenCode settings.

Add this to your OpenCode configuration file (.opencode/settings.json or global settings):

{
  "provider": {
    "kiro": {
      "name": "Kiro",
      "models": {
        "claude-sonnet-4.5": {
          "name": "Claude Sonnet 4.5",
          "modalities": {
            "input": ["text", "image", "pdf"],
            "output": ["text"]
          }
        },
        "claude-opus-4.5": {
          "name": "Claude Opus 4.5",
          "modalities": {
            "input": ["text", "image", "pdf"],
            "output": ["text"]
          }
        },
        "claude-haiku-4.5": {
          "name": "Claude Haiku 4.5",
          "modalities": {
            "input": ["text"],
            "output": ["text"]
          }
        }
      }
    }
  }
}

Important Notes:

  • Vision support: Only claude-sonnet-4.5 and claude-opus-4.5 support image inputs
  • Haiku models: Do not support images - only text input/output
  • Without modalities configuration, OpenCode will block image inputs even if the model supports them

Authentication

Prerequisites

Before adding accounts, you must first configure the provider in OpenCode settings (see OpenCode Provider Configuration section above).

Adding Accounts

There are two methods to add Kiro accounts:

Method 1: Auto-detect (Recommended)

If you have Kiro Desktop installed and logged in, the plugin will automatically detect your credentials:

  1. Open OpenCode settings
  2. Navigate to ProvidersAdd Provider
  3. Select Kiro
  4. Choose "Kiro Desktop (Auto-detect)"
  5. The plugin will automatically find your Kiro Desktop token

The plugin searches for tokens in these locations:

  • macOS: ~/.aws/sso/cache/kiro-auth-token.json or ~/Library/Application Support/Kiro/kiro-auth-token.json
  • Linux: ~/.aws/sso/cache/kiro-auth-token.json
  • Windows: %LOCALAPPDATA%\.aws\sso\cache\kiro-auth-token.json or %USERPROFILE%\.aws\sso\cache\kiro-auth-token.json

Method 2: Manual (Refresh Token)

If auto-detect doesn't work or you want to add multiple accounts:

  1. Open OpenCode settings
  2. Navigate to ProvidersAdd Provider
  3. Select Kiro
  4. Choose "Manual (Refresh Token)"
  5. Enter your refresh token and region

How to get your refresh token:

  1. Log in to Kiro Desktop
  2. Find the token file at one of the locations listed above
  3. Open the JSON file and copy the refreshToken value

Account Storage

Accounts are stored in:

  • Linux/Mac: ~/.config/opencode/kiro-accounts.json
  • Windows: %APPDATA%\opencode\kiro-accounts.json

Each account includes:

  • email: Account email (optional)
  • refreshToken: Kiro refresh token
  • region: AWS region
  • addedAt: When the account was added
  • lastUsed: When the account was last used
  • rateLimitResetTime: When rate limit expires (if applicable)

Account Rotation

The plugin automatically rotates accounts based on the following events:

429 Rate Limit

  • Mark account as rate-limited for the duration specified in retry-after header
  • Switch to next available account
  • Retry after cooldown

401 Unauthorized

  • Attempt token refresh
  • If refresh fails, mark account for cooldown
  • Switch to next available account

5xx Server Errors

  • Mark account for temporary cooldown (30 seconds)
  • Switch to next available account
  • Retry after cooldown

Development

npm run build
npm run typecheck

Publishing to npm

Prerequisites

  1. Create an npm account at https://www.npmjs.com/signup
  2. Login to npm:
    npm login

Publishing Steps

  1. Update version in package.json:

    npm version patch  # for bug fixes (1.0.0 -> 1.0.1)
npm version minor  # for new features (1.0.0 -> 1.1.0)
npm version major  # for breaking changes (1.0.0 -> 2.0.0)

  2. Build the package:

    npm run build

  3. Test the package locally (optional):

    npm pack
# This creates a .tgz file you can test with: npm install ./opencode-kiro-auth-1.0.0.tgz

  4. Publish to npm:

    npm publish

Publishing Checklist

Before publishing, ensure:

  • ✅ All tests pass (npm run typecheck)
  • ✅ Build succeeds (npm run build)
  • dist/ directory contains compiled files
  • README.md is up to date
  • ✅ Version number is updated in package.json
  • ✅ Git changes are committed
  • ✅ No sensitive data in the package

What Gets Published

The files field in package.json controls what gets published:

"files": [
  "dist/",
  "README.md",
  "LICENSE"
]

Only these files/directories will be included in the npm package.

Unpublishing (Emergency Only)

If you need to unpublish a version within 72 hours:

npm unpublish [email protected]

Note: Unpublishing is discouraged. Use npm deprecate instead for older versions:

npm deprecate [email protected] "Please upgrade to 1.0.1"

Credits

This project is heavily inspired by and based on antigravity-auth, an OpenCode plugin for Google Gemini authentication with multi-account rotation.

The account management, rotation logic, and plugin architecture were adapted from antigravity-auth's excellent implementation.

License

MIT