Skip to content

L0ndra/pi-anthropic-oauth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
auth.ts
auth.ts
 
 
convert.test.ts
convert.test.ts
 
 
convert.ts
convert.ts
 
 
index.ts
index.ts
 
 
package.json
package.json
 
 
prompt.ts
prompt.ts
 
 
stream.ts
stream.ts
 
 

Repository files navigation

pi-anthropic-oauth

Anthropic OAuth provider for pi with automatic API key rotation on rate-limit errors.

Features

  • Anthropic OAuth login — authenticate via Claude Pro/Max subscription (PKCE flow with local callback server)
  • Streaming — full streaming support with thinking, tool use, and cache-aware token accounting
  • Key rotation — pool multiple API keys and automatically rotate on rate-limit/overloaded errors
  • Auth error eviction — invalid keys (401/authentication errors) are removed from the pool automatically

Installation

Copy or symlink the extension directory into your pi extensions folder:

# Symlink (recommended — stays in sync with repo)
mkdir -p ~/.pi/agent/extensions/anthropic-oauth
for f in auth.ts convert.ts index.ts prompt.ts stream.ts; do
  ln -sf /path/to/pi-anthropic-oauth/$f ~/.pi/agent/extensions/anthropic-oauth/$f
done

# Or copy (note: copy contents into the target, not the directory itself)
mkdir -p ~/.pi/agent/extensions/anthropic-oauth
cp auth.ts convert.ts index.ts prompt.ts stream.ts ~/.pi/agent/extensions/anthropic-oauth/

Restart pi or run /reload to activate.

Configuration

OAuth (auth.json)

OAuth credentials are managed automatically by pi. Run /login in a pi session to authenticate with your Anthropic account. Credentials are stored in ~/.pi/agent/auth.json.

Key Rotation (key-rotation.json)

To enable key rotation, create ~/.pi/agent/key-rotation.json:

{
  "keys": [
    "sk-ant-oat-TOKEN_1...",
    "sk-ant-oat-TOKEN_2..."
  ]
}

Secure the file: chmod 600 ~/.pi/agent/key-rotation.json

Key rotation requires at least 2 keys in the pool. With fewer than 2, the extension uses the standard OAuth flow.

Commands

Command Description
/key-add Capture the current Anthropic OAuth token from auth.json and add it to the key rotation pool
/key-reset Reset rotation back to key 1

Typical workflow

  1. Log in with your first account: /login
  2. Add the token to the pool: /key-add
  3. Log in with your second account: /login
  4. Add that token too: /key-add
  5. Key rotation is now active (status bar shows 🔑 1/2)

How Key Rotation Works

  1. On session_start, the extension loads keys from key-rotation.json and registers the Anthropic provider with the first key
  2. On agent_end, if the last assistant message was an error from the anthropic provider:
    • Rate-limit/overloaded errors (429, overloaded, rate limit, too many requests): rotate to the next key in the pool
    • Auth errors (401, invalid api key, authentication_error): remove the bad key from the pool and config file
  3. Pi's retry logic fires after the agent_end handler, so the rotated key is used on the next attempt
  4. On success after a rotation, the "rotated" indicator clears from the status bar

Status Bar

When key rotation is active (2+ keys), the status bar shows:

  • 🔑 1/3 — using key 1 of 3
  • 🔑 2/3 (rotated) — rotated to key 2 after a rate-limit error

License

MIT

About

Anthropic OAuth provider for pi with automatic API key rotation

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages