Sign in
Signing in is the same OAuth step as creating an account — new users land on the sign-up screen.1
Sign in
The default flow opens your browser for OAuth and captures the token on a loopback port:For CI or headless machines, save a long-lived API key instead:
2
Confirm what's configured
--json for { configured, recommended_action, offline_engines } in scripts.~/.heygen/credentials (mode 0600) — no per-repo .env to manage. Browser OAuth is a hyperframes auth login feature. The separate heygen CLI (its own install — there’s no npx heygen) is API-key-only, so heygen auth login just stores a key you paste. Both read the same ~/.heygen/credentials, so signing in with one carries to the other.
How credentials resolve
The HeyGen credential drives TTS and music / SFX retrieval. It resolves first-match-wins:HEYGEN_API_KEY— environment variableHYPERFRAMES_API_KEY— alias, for parity with other tools~/.heygen/credentials— written byhyperframes auth login(orheygen auth login)
HEYGEN_CONFIG_DIR, or a different backend with HEYGEN_API_URL.
Keys by capability
Each capability picks the first available provider in order; the last is always a local engine that needs no key. Cloud providers below the HeyGen line need their own key and a local Python dependency.
Run
npx hyperframes doctor to check which local dependencies are installed. The media skills also run hyperframes auth status as a preflight before generating, so you always know whether a run will use HeyGen or a local engine before it starts.
Working offline
No key configured is a normal state, not an error. The workflow runs entirely on local models:- Voice — Kokoro-82M (54 voices), with Whisper for word-level caption alignment.
- Music — MusicGen (
facebook/musicgen-small). - Sound effects — a bundled library.
Environment variables
See the
hyperframes auth command reference for subcommand details, and Cloud rendering for using the same credential to render in HeyGen’s cloud.