opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 2 hours ago verified publisher icon anomalyco

Support OpenRouter OAuth PKCE authentication

Open Void-n-Null opened this issue 3 days ago • 1 comments

Problem

Currently, OpenRouter authentication only supports manually entering an API key. OpenRouter provides an OAuth PKCE flow that allows users to authenticate with their OpenRouter account directly, which is more convenient and aligns with how other providers (Anthropic, GitHub Copilot, OpenAI/Codex) handle authentication.

Proposed Solution

Add an internal authentication plugin for OpenRouter that implements the OAuth PKCE flow, following the same pattern as the existing CodexAuthPlugin.

The flow:

  1. Start a local HTTP server to receive the OAuth callback
  2. Open browser to OpenRouter authorization URL with PKCE challenge
  3. User authorizes in browser
  4. Exchange authorization code for API key
  5. Store the API key

Reference: https://openrouter.ai/docs/guides/overview/auth/oauth

Additional Context

This falls under "Support for new providers" in the contributing guidelines. The implementation follows established patterns in the codebase and requires minimal changes to existing files.

Void-n-Null avatar Jan 11 '26 08:01 Void-n-Null