Skip to main content Execute set up Kling AI API authentication and configure API keys. Use when starting a new Kling AI
integration or troubleshooting auth issues. Trigger with phrases like 'kling ai setup',
'klingai api key', 'kling ai authentication', 'configure klingai'.
npx skills add jeremylongshore/claude-code-plugins-plus-skills --skill klingai-install-auth ai automation claude-code devops mcp ai-agents
Kling AI Install & Auth
Overview
Kling AI uses JWT (JSON Web Token) authentication. You generate a token from your Access Key (AK) and Secret Key (SK), then pass it as a Bearer token in every request. Tokens expire after 30 minutes.
Base URL: https://api.klingai.com/v1
Prerequisites
Kling AI account at klingai.com
API access enabled (self-service, no waitlist)
Python 3.8+ with PyJWT or Node.js 18+
Step 1 — Get Credentials
Sign in at app.klingai.com/global/dev
Navigate to API Keys in the developer console
Click Create API Key to generate an Access Key + Secret Key pair
Store both values securely — the Secret Key is shown only once
# .env file
KLING_ACCESS_KEY="ak_your_access_key_here"
KLING_SECRET_KEY="sk_your_secret_key_here"
Step 2 — Generate JWT Token
Python
import jwt
import time
import os
def generate_kling_token():
"""Generate a JWT token for Kling AI API authentication."""
ak = os.environ["KLING_ACCESS_KEY"]
sk = os.environ["KLING_SECRET_KEY"]
headers = {"alg": "HS256", "typ": "JWT"}
payload = {
"iss": ak,
"exp": int(time.time()) + 1800, # 30 min expiry
"nbf": int(time.time()) - 5, # valid 5s ago (clock skew)
}
return jwt.encode(payload, sk, algorithm="HS256", headers=headers)
token = generate_kling_token()
# Use: Authorization: Bearer <token>
Node.js import jwt from "jsonwebtoken";
function generateKlingToken() {
const ak = process.env.KLING_ACCESS_KEY;
const sk = process.env.KLING_SECRET_KEY;
const payload = {
iss: ak,
exp: Math.floor(Date.now() / 1000) + 1800,
nbf: Math.floor(Date.now() / 1000) - 5,
};
return jwt.sign(payload, sk, { algorithm: "HS256", header: { typ: "JWT" } });
}
Step 3 — Verify Authentication import requests
BASE_URL = "https://api.klingai.com/v1"
token = generate_kling_token()
response = requests.get(
f"{BASE_URL}/videos/text2video", # any endpoint to test auth
headers={"Authorization": f"Bearer {token}"},
)
if response.status_code == 401:
print("Auth failed — check AK/SK values")
elif response.status_code in (200, 400):
print("Auth working — credentials valid")
Token Management Pattern import time
class KlingAuth:
"""Auto-refreshing JWT token manager."""
def __init__(self, access_key: str, secret_key: str, buffer_sec: int = 300):
self.ak = access_key
self.sk = secret_key
self.buffer = buffer_sec # refresh 5 min before expiry
self._token = None
self._expires_at = 0
@property
def token(self) -> str:
if time.time() >= (self._expires_at - self.buffer):
self._refresh()
return self._token
def _refresh(self):
now = int(time.time())
payload = {"iss": self.ak, "exp": now + 1800, "nbf": now - 5}
self._token = jwt.encode(payload, self.sk, algorithm="HS256",
headers={"alg": "HS256", "typ": "JWT"})
self._expires_at = now + 1800
@property
def headers(self) -> dict:
return {
"Authorization": f"Bearer {self.token}",
"Content-Type": "application/json",
}
Error Handling Error Cause Fix 401 UnauthorizedInvalid/expired JWT Regenerate token, check AK/SK 403 ForbiddenAPI access not enabled Enable API in developer console JWT decode error Wrong secret key Verify SK matches the AK pair Token expired >30 min since generation Implement auto-refresh (see above) Clock skew error Server time mismatch Use nbf: now - 5 for tolerance
Security Checklist
Never commit AK/SK to version control
Use .env files with .gitignore exclusion
Rotate keys quarterly via the developer console
Use separate keys per environment (dev/staging/prod)
Set exp to 1800s max (Kling enforces this ceiling)
Resources Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language).
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language).