Implementing Kasa 2FA with custom scripts

Implementing Kasa 2FA with custom scripts
Implementing Kasa 2FA with custom scripts
2022-06-15 15:45:13 - last edited 2022-06-16 00:50:46
Model: KP105
Hardware Version: V1
Firmware Version: 1.1.0 Build 201016 Rel.175121

I would be grateful for some advice and pointers on how to obtain a login authentication token when Kasa is configured for Two Factor Authentication (2FA) and what needs to be done to make the calling PC a trusted host so that scripts continue to run without intervention.


For some years I have used custom control scripts to manage HS100 and KP105 from a Windows PC. An authentication token is obtained using a JSON login script gettoken.json (names and IDs changed) executed via cURL:


{ "method":"login", "params":







curl.exe -s --request POST "https://........"  --header "Content-Type:application/json" --data @gettoken.json


Similar scripts are executed to get the device list, sysinfo and set relay states etc. I accept that embedding plain text passwords is not a good idea so hopefully 2FA will permit an improved authentication method to be used.


Not surprisingly, once Kasa 2FA is configured the login script returns:

msg:App version is too old and TP-Link sends an email:


We noticed a login attempt from an old version of Kasa app on an unrecognized device. Since Two-Step Verification is enabled, you’ll need to update your Kasa app to the latest version to log in with a verification code.

If it wasn’t you logging in, someone may be trying to access your account. You can change your password to secure your account."


The email is a very welcome security improvement – thank you.


Any advice on how best to proceed with updating the process to obtain an authentication token in my custom scripts would be appreciated.

Thank you



1 Reply
Re:Implementing Kasa 2FA with custom scripts
2022-06-15 19:49:33 - last edited 2022-06-16 00:50:46


Not sure why this went into "Kasa cameras". Could it be moved to "Apps and integrations" or "Kasa smart plugs" please as appropriate. Thanks....