IT Nerd Space

How to authenticate to TP-Link cloud API

How to authenticate to TP-Link cloud API

This is breaking news! No need to hack into your phone’s backups any more to obtain the TP-Link token!

First you need to generate an UUID v4. You can open and pick the one they give you there (no need to create one every time, one is fine, just keep it). This will represent your Client Term ID (like the one of your Kasa App).

Now this is how you can authenticate to the TP Link cloud backend and obtain a token:

We have to do a POST request to, with the following payload:

 "method": "login",
 "params": {
 "appType": "Kasa_Android",
 "cloudUserName": "XXXXX",
 "cloudPassword": "XXXXX",
 "terminalUUID": "MY_UUID_v4"

In the payload, replace cloudUserName and cloudPassword with your TP-Link (or Kasa) credentials, and the terminalUUID with the one you got above.

Remember to pass the Header Content-Type: application/json as well.

No need to have any extra tool, you can simply try it with from your browser:

What you’ll get should look like this:

 "error_code": 0,
 "result": {
 "regTime": "2017-01-06 08:42:35",
 "email": "XXXXX",
 "token": "YOUR_TOKEN_HERE"

Isn’t that cool? Of course you can implement that in any language, Shell script with cURL, Python, Node.js,… Your token is response.result.token.

In a next post I’ll show how to do the same with Tasker! 😀

From here you can also have a look at this post: Get the end point URL and HS100 Device ID.

  • Thanks! This seemed to work for me without a UUID.. not sure if that’s a mistake on their end or it’s just not a necessary key