# Z.AI (GLM Coding Plan) (https://jackin.tailrocks.com/guides/authentication/zai/) [Z.AI's GLM Coding Plan](https://z.ai/subscribe) provides an Anthropic-compatible API endpoint (`https://api.z.ai/api/anthropic`) backed by GLM models. Because the endpoint speaks the same protocol as Anthropic's API, Claude Code works against it without modification — jackin' injects the redirect at session-spawn time. When `ZAI_API_KEY` is configured, opening a new Claude tab presents a provider picker with **Z.AI** as one of the options, immediately after you select the agent. Operators without any alternative provider key see no change: the picker is skipped and the session opens directly. If you have keys for multiple providers (Z.AI, MiniMax, Kimi), all of them appear in the same picker. ## Subscribe and get an API key [#subscribe-and-get-an-api-key] 1. Open [Z.AI's GLM Coding Plan](https://z.ai/subscribe), sign in, and choose the subscription plan you want to use for coding. 2. After the plan is active, open the [Z.AI API Keys](https://z.ai/manage-apikey/apikey-list) page and create an API key. 3. Keep that key private. In jackin', store it as `ZAI_API_KEY` through the Auth settings below; do not paste it into Claude Code's host settings. Z.AI's own Claude Code setup writes `ANTHROPIC_AUTH_TOKEN` and `ANTHROPIC_BASE_URL` into Claude Code configuration. jackin' deliberately does not mutate your host Claude settings. Instead, the Z.AI key you save in jackin' Auth settings makes Z.AI appear as an Anthropic-compatible provider choice for Claude Code launches, and jackin' injects the redirect variables only into the agent process that selected Z.AI. ## Configure your Z.AI API key in jackin' [#configure-your-zai-api-key-in-jackin] 1. Open `jackin console`, select your workspace, and switch to the **Auth** tab. 2. Scroll to the **Z.AI** row and press `Enter` or `Space` to open the auth form. 3. Set the mode to **API Key** (press `Space` to cycle). 4. Enter your `ZAI_API_KEY` — either a literal key or a 1Password reference resolved at launch time. 5. Save the form. The key is written to the `[env]` map in your config file at the scope you chose (global or per-workspace). A workspace-level key overrides the global one. To remove Z.AI, open the same row, cycle the mode back to **Ignore**, and save. Ignore is the default when no key is set — Z.AI does not appear in any picker. ## Using the provider picker [#using-the-provider-picker] With `ZAI_API_KEY` configured: **At workspace launch** — launch a workspace and choose the Claude agent. Before the container starts, a provider picker appears: ``` ▸ Anthropic Z.AI ``` Use arrow keys and `Enter` to pick. `Escape` cancels back to the agent picker. **In the multiplexer** — press `N` inside a running container (the same `N` key that opens a new agent tab). When you pick Claude, the same provider picker appears if both providers are available. Provider choice for an already-running container happens here, not from the console container row — only the running container's own session knows which key it was started with. ## Tab labels [#tab-labels] When both Anthropic and Z.AI are configured in the same container, the tab strip labels reflect the active provider: | Active provider | Tab label | | --------------- | -------------------- | | Anthropic | `Claude (Anthropic)` | | Z.AI | `Claude (Z.AI)` | When only one provider is configured, the bare `Claude` label is used — no suffix added for single-provider containers. ## Scopes [#scopes] `ZAI_API_KEY` follows the standard 4-layer env resolution — most-specific wins: **per-(workspace × role) > per-workspace > global > absent** Set a global key to have Z.AI available in every workspace, or set a per-workspace key to restrict it to specific projects. The Auth tab in `jackin console` manages both scopes through the same Z.AI row. ## How the redirect works [#how-the-redirect-works] When you select Z.AI in the provider picker, jackin' injects environment variables into the spawned agent process at launch time — not into any shared config file: * `ANTHROPIC_AUTH_TOKEN` — set to your `ZAI_API_KEY` value * `ANTHROPIC_BASE_URL` — set to `https://api.z.ai/api/anthropic` * `ANTHROPIC_DEFAULT_OPUS_MODEL` — set to `glm-5.1` (maps Claude's Opus tier to GLM-5.1) * `ANTHROPIC_DEFAULT_SONNET_MODEL` — set to `glm-5-turbo` (maps Claude's Sonnet tier to GLM-5-Turbo) * `ANTHROPIC_DEFAULT_HAIKU_MODEL` — set to `glm-4.5-air` (maps Claude's Haiku tier to GLM-4.5-Air) * `API_TIMEOUT_MS` — set to `3000000` (50-minute timeout for long-running operations) * `CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC` — set to `1` (suppresses telemetry that would fail through the proxy) The model-mapping variables tell Claude Code which GLM model to use for each internal model tier. Without them, Claude Code requests capabilities (like extended context windows) that the server-side default mapping may not support. The timeout prevents premature disconnection on long agent runs through the proxy. The agent's API client reads these from its process environment and routes all calls to Z.AI's endpoint. **No other tabs or sessions in the container are affected.** Anthropic tabs continue to use the container's own credentials; Z.AI tabs use the injected redirect. Both can run simultaneously in the same container. Your `ZAI_API_KEY` is never written to the logs, including `--debug` output. ## See also [#see-also] * [Authentication overview](/guides/authentication/) — the shared modes / scopes / defaults pattern jackin' applies across every auth axis. * [MiniMax (Token Plan)](/guides/authentication/minimax/) — the MiniMax Anthropic-compatible alternative provider. * [Kimi](/guides/authentication/kimi/) — Kimi's Anthropic-compatible coding endpoint. * [Agent Authentication](/guides/authentication/agents/) — agent-level auth forwarding for Claude Code, Codex, Amp, Kimi, OpenCode, and Grok. * [Environment Variables](/guides/environment-variables/) — how the operator env-vars model supplies credentials at global and per-workspace scope.