Sign Up for Free

RunKit +

Try any Node.js package right in your browser

This is a playground to test code. It runs a full Node.js environment and already has all of npm’s 400,000 packages pre-installed, including @tuyapi/cloud with all npm packages installed. Try it out:

var cloud = require("@tuyapi/cloud")

This service is provided by RunKit and is not affiliated with npm, Inc or the package authors.

@tuyapi/cloud v0.4.1

A NodeJS wrapper for Tuya's cloud API

tuyapi/cloud Build Status Coverage Status XO code style

A NodeJS wrapper for Tuya's API.

At the moment, only the mobile/app API is supported as it covers the vast majority of use cases.

There are two modes of operation:

  • the 'old' API - described in the docs, using MD5 as a sign mechanism
  • the 'new' API - reverse-engineered from the TuyaSmart Android app, using HMAC-SHA256 as a sign mechanism

If you can, use the old API. Unfortunately, for some clientId/key's you must use the new API (eg. clientId used by TuyaSmart app). To use the the new API, specify apiEtVersion as an option in constructor (currently '0.0.1').

Step-by-step instructions for acquiring keys to use with the old API can be found here.

Obtaining keys for new API (additional parameters secret2 and certSign are required) involves disassembling obtained an APK file (either official app or generated "demo" app from For details see tuya-sign-hacking repo.


npm i @tuyapi/cloud


old API (register/login and create token):

const Cloud = require('@tuyapi/cloud');

let api = new Cloud({key: 'your-api-app-key', secret: 'your-api-app-secret'});

api.register({email: '', password: 'example-password'}).then(async sid => {
  let token = await api.request({action: 'tuya.m.device.token.create', data: {'timeZone': '-05:00'}});

  console.log(token) // => { secret: '0000', token: '01010101' }

new API (listing all devices in all groups):

const Cloud = require('@tuyapi/cloud');

let api = new Cloud({key: apiKeys.key,
                     secret: apiKeys.secret,
                     secret2: apiKeys.secret2,
                     certSign: apiKeys.certSign,
                     apiEtVersion: '0.0.1',
                     region: 'EU'});

api.loginEx({email: myEmail, password: myPassword}).then(async sid => {

  api.request({action: 'tuya.m.location.list'}).then(async groups => {
    for (const group of groups) {
      api.request({action: '', gid: group.groupId}).then(async devicesArr => {
        for (const device of devicesArr) {
           console.log('group: "%s"\tdevice: "%s"\tdevId: "%s"',,, device.devId);



  1. After cloning, run npm i.
  2. Add a file called keys.json with the contents
  "key": "your-api-key",
  "secret": "your-api-secret"
  // for new API: add also secret2 and certSign
  1. Create a file called dev.js as a playground. Since dev.js is in .gitignore, it won't be committed.
  2. To run tests, run npm test.
  3. To output coverage, run npm run cover (it will exit with an error).
  4. To build documentation, run npm run document.


RunKit is a free, in-browser JavaScript dev environment for prototyping Node.js code, with every npm package installed. Sign up to share your code.
Sign Up for Free