Claude-code-plugins-plus-skills klingai-install-auth
install
source · Clone the upstream repo
git clone https://github.com/jeremylongshore/claude-code-plugins-plus-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/jeremylongshore/claude-code-plugins-plus-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/saas-packs/klingai-pack/skills/klingai-install-auth" ~/.claude/skills/jeremylongshore-claude-code-plugins-plus-skills-klingai-install-auth && rm -rf "$T"
manifest:
plugins/saas-packs/klingai-pack/skills/klingai-install-auth/SKILL.mdsource content
Kling AI Install & Auth
Overview
Kling AI uses JWT (JSON Web Token) authentication. You generate a token from your Access Key (AK) and Secret Key (SK), then pass it as a Bearer token in every request. Tokens expire after 30 minutes.
Base URL:
https://api.klingai.com/v1Prerequisites
- Kling AI account at klingai.com
- API access enabled (self-service, no waitlist)
- Python 3.8+ with
or Node.js 18+PyJWT
Step 1 — Get Credentials
- Sign in at app.klingai.com/global/dev
- Navigate to API Keys in the developer console
- Click Create API Key to generate an Access Key + Secret Key pair
- Store both values securely — the Secret Key is shown only once
# .env file KLING_ACCESS_KEY="ak_your_access_key_here" KLING_SECRET_KEY="sk_your_secret_key_here"
Step 2 — Generate JWT Token
Python
import jwt import time import os def generate_kling_token(): """Generate a JWT token for Kling AI API authentication.""" ak = os.environ["KLING_ACCESS_KEY"] sk = os.environ["KLING_SECRET_KEY"] headers = {"alg": "HS256", "typ": "JWT"} payload = { "iss": ak, "exp": int(time.time()) + 1800, # 30 min expiry "nbf": int(time.time()) - 5, # valid 5s ago (clock skew) } return jwt.encode(payload, sk, algorithm="HS256", headers=headers) token = generate_kling_token() # Use: Authorization: Bearer <token>
Node.js
import jwt from "jsonwebtoken"; function generateKlingToken() { const ak = process.env.KLING_ACCESS_KEY; const sk = process.env.KLING_SECRET_KEY; const payload = { iss: ak, exp: Math.floor(Date.now() / 1000) + 1800, nbf: Math.floor(Date.now() / 1000) - 5, }; return jwt.sign(payload, sk, { algorithm: "HS256", header: { typ: "JWT" } }); }
Step 3 — Verify Authentication
import requests BASE_URL = "https://api.klingai.com/v1" token = generate_kling_token() response = requests.get( f"{BASE_URL}/videos/text2video", # any endpoint to test auth headers={"Authorization": f"Bearer {token}"}, ) if response.status_code == 401: print("Auth failed — check AK/SK values") elif response.status_code in (200, 400): print("Auth working — credentials valid")
Token Management Pattern
import time class KlingAuth: """Auto-refreshing JWT token manager.""" def __init__(self, access_key: str, secret_key: str, buffer_sec: int = 300): self.ak = access_key self.sk = secret_key self.buffer = buffer_sec # refresh 5 min before expiry self._token = None self._expires_at = 0 @property def token(self) -> str: if time.time() >= (self._expires_at - self.buffer): self._refresh() return self._token def _refresh(self): now = int(time.time()) payload = {"iss": self.ak, "exp": now + 1800, "nbf": now - 5} self._token = jwt.encode(payload, self.sk, algorithm="HS256", headers={"alg": "HS256", "typ": "JWT"}) self._expires_at = now + 1800 @property def headers(self) -> dict: return { "Authorization": f"Bearer {self.token}", "Content-Type": "application/json", }
Error Handling
| Error | Cause | Fix |
|---|---|---|
| Invalid/expired JWT | Regenerate token, check AK/SK |
| API access not enabled | Enable API in developer console |
| JWT decode error | Wrong secret key | Verify SK matches the AK pair |
| Token expired | >30 min since generation | Implement auto-refresh (see above) |
| Clock skew error | Server time mismatch | Use |
Security Checklist
- Never commit AK/SK to version control
- Use
files with.env
exclusion.gitignore - Rotate keys quarterly via the developer console
- Use separate keys per environment (dev/staging/prod)
- Set
to 1800s max (Kling enforces this ceiling)exp