opencode-qwen-cli-auth
Advanced tools
Qwen OAuth authentication plugin for opencode - use your Qwen account instead of API keys
OAuth plugin for OpenCode to use Qwen for free via Qwen Account, compatible with the qwen-code CLI mechanism.
Configure in opencode.json:
{
"$schema": "https://opencode.ai/config.json",
"plugin": ["opencode-qwen-cli-auth"],
"model": "qwen-code/coder-model"
}
opencode auth login
Select provider Qwen Code (qwen.ai OAuth) and follow the instructions:
To add more accounts, run opencode auth login again.
The plugin stores each successful login in the multi-account store and can auto-switch on quota exhaustion.
| Model | ID | Input | Output | Context | Max Output | Cost |
|---|---|---|---|---|---|---|
| Qwen Coder (Qwen 3.5 Plus) | coder-model | text | text | 1M tokens | 65,536 tokens | Free |
| Qwen VL Plus (Vision) | vision-model | text, image | text | 128K tokens | 8,192 tokens | Free |
coder-model is marked as reasoning-capable in OpenCode UI.reasoning, reasoningEffort, or reasoning_effort, the plugin removes these fields before forwarding requests.| Variable | Description | Value |
|---|---|---|
QWEN_CLI_PATH | Path to qwen CLI (for fallback) | Default: auto-detect |
QWEN_MODE | Qwen mode toggle | 1/true (default) |
DEBUG_QWEN_PLUGIN=1 | Enable debug logging | Optional |
ENABLE_PLUGIN_REQUEST_LOGGING=1 | Enable request logging to file | Optional |
OPENCODE_QWEN_ENABLE_CLI_FALLBACK=1 | Enable CLI fallback on quota error | Optional |
OPENCODE_QWEN_ACCOUNTS_PATH | Override multi-account store path (must be inside ~/.qwen) | Optional |
OPENCODE_QWEN_QUOTA_COOLDOWN_MS | Cooldown for exhausted accounts | Default: 86400000 (24h) |
# Debug mode - logs to console
DEBUG_QWEN_PLUGIN=1 opencode run "hello" --model=qwen-code/coder-model
# Request logging - saves detailed JSON files
ENABLE_PLUGIN_REQUEST_LOGGING=1 opencode run "hello" --model=qwen-code/coder-model
Log files are stored at: ~/.opencode/logs/qwen-plugin/
1. OpenCode requests auth -> Plugin
2. Plugin requests device code from Qwen OAuth Server
3. Displays URL + code to user
4. User opens URL and enters code to authorize
5. Plugin polls token from Qwen OAuth Server
6. Saves token and returns to OpenCode
7. All API requests are injected with headers and sent to DashScope
~/.qwen/oauth_creds.json~/.qwen/oauth_accounts.json~/.qwen/oauth_accounts.lockThe plugin automatically injects required headers for DashScope OAuth:
X-DashScope-AuthType: qwen-oauth
X-DashScope-CacheControl: enable
User-Agent: QwenCode/{cli-version} ({platform}; {arch})
X-DashScope-UserAgent: QwenCode/{cli-version} ({platform}; {arch})
When hitting a 429 insufficient_quota error, the plugin automatically:
qwen CLI only for text-only payloads when OPENCODE_QWEN_ENABLE_CLI_FALLBACK=1 is set401/403, marks current account as auth_invalid and switches to next healthy account when availableopencode auth login)# View saved token
cat ~/.qwen/oauth_creds.json
# View multi-account store
cat ~/.qwen/oauth_accounts.json
PowerShell:
Remove-Item -Recurse -Force "$HOME/.opencode/qwen"
Remove-Item -Force "$HOME/.qwen/oauth_creds.json"
Bash (Linux/macOS):
rm -rf ~/.opencode/qwen
rm ~/.qwen/oauth_creds.json
# Clear old token and login again
opencode auth logout
opencode auth login
dist/
├── index.js # Entry point, exports QwenAuthPlugin
├── lib/
│ ├── auth/
│ │ ├── auth.js # OAuth flow: device code, poll token, refresh
│ │ └── browser.js # Browser opener utility
│ ├── config.js # Config paths, QWEN_MODE
│ ├── constants.js # Constants: OAuth endpoints, headers, errors
│ ├── logger.js # Logging utilities
│ └── types.js # TypeScript types
| Hook | Purpose |
|---|---|
auth.loader | Provides apiKey, baseURL, custom fetch |
auth.methods.authorize | Device Authorization OAuth flow |
config | Registers provider and models |
chat.params | Sets timeout, maxRetries, max_tokens limits |
chat.headers | Injects DashScope headers |
| Feature | Old Plugin | This Plugin |
|---|---|---|
| OAuth Device Flow | ✓ | ✓ |
| Custom fetch layer | ✗ | ✓ |
| DashScope headers | ✗ | ✓ (auto-inject) |
| Output token capping | ✗ | ✓ |
| Quota degradation | ✗ | ✓ |
| CLI fallback | ✗ | ✓ (optional) |
| Multi-process lock | ✗ | ✓ |
| Legacy token migration | ✗ | ✓ |
1. Persistent insufficient_quota errors
OPENCODE_QWEN_ENABLE_CLI_FALLBACK=12. OAuth timeout
DEBUG_QWEN_PLUGIN=13. Cannot find qwen CLI
npm install -g @qwen-code/qwen-codeQWEN_CLI_PATH=/path/to/qwen4. Token not saving
~/.qwen/ directoryENABLE_PLUGIN_REQUEST_LOGGING=1npm install
npm run build
npm test
npm run typecheck
npm run lint
npm run format
MIT
Geoff Hammond
All contributions (PRs, issues, feedback) are welcome at the GitHub repository.
FAQs
Qwen OAuth authentication plugin for opencode - use your Qwen account instead of API keys
The npm package opencode-qwen-cli-auth receives a total of 50 weekly downloads. As such, opencode-qwen-cli-auth popularity was classified as not popular.
We found that opencode-qwen-cli-auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A malicious NuGet package impersonating Sicoob exfiltrated client IDs, PFX passwords, and banking certificates through Sentry telemetry.
Security News
Feross Aboukhadijeh joins TBPN to discuss Socket's $60M Series C, 500%+ ARR growth, AI's impact on open source, and the rise in supply chain attacks.
Security News
OSV withdrew 157 OSV malware reports after automated false positives incorrectly flagged trusted npm and PyPI packages, sending bad records into tools that rely on OSV data.