Authgent — even we can't steal your keys

Three operations

Register. Call. Revoke. Your keys never leave the vault.

You never see, touch, or store a password. The vault handles everything — you just say what to do.

01 · REGISTERISOLATED

Your key is created inside a locked vault.

When you register an agent, a key is generated inside a vault nobody can open — not even us. You get a login token to control your agent. The actual key stays locked inside. Always.

$ authgent register --name my-agent

→ credential generated in secured hardware…

✓ agent_id: d72caa47-d8d5

✓ token: agt_9f2c…b81a

02 · CALLZERO CUSTODY

The vault makes the call for you. The key never leaves.

Your agent says "charge this card" — the vault unlocks the key, makes the call, and locks it again instantly. Your agent gets the result. The key never left the room.

agent.call(

provider="stripe",

method="POST",

path="/v1/charges")

✓ 200 · via authgent

03 · REVOKEINSTANT

Something wrong? Kill the key instantly.

One command and the key is destroyed inside the vault. Gone forever. Like changing the locks — the old key is dead, nothing works with it anymore. You can create a new agent in seconds.

$ authgent revoke

→ destroying credential…

✓ credential destroyed

→ agent permanently dead

SDK · three lines

Three lines of code. Never handle a password again.

Your agent logs in with a token — like a username. The actual passwords and API keys live inside the vault. You never see them, store them, or risk leaking them.

✓ Python SDK · direct download

✓ Works with any API — Stripe, OpenAI, anything

✓ No passwords in your code or environment

✓ Keys never leave the vault — ever

~/my-agent / main.py

from authgent import Agent

agent = Agent(agent_token="agt_9f2c4e08...")

# Call any API. Authgent handles everything.
result = agent.call(
    provider="stripe",
    method="POST",
    path="/v1/charges",
    body={"amount": 5000, "currency": "usd"},
)

# If something goes wrong — kill it
agent.revoke()
# credential destroyed. agent is dead.
$ _

Threat model · public

What happens if someone breaks in.

Protected

✓

Someone hacks your AI agent

They get a login token — not the real key. Revoke the token and the attacker has nothing. Like canceling a stolen credit card.

✓

Someone hacks our database

They find scrambled data they can't read. The real keys are inside the vault — the database never had them. Like stealing a safe that you can't open.

✓

Someone hacks our servers

They see login tokens and routing info. No real keys, no passwords. Revoke the tokens and re-register — back to normal in minutes.

✓

A rogue employee

Our own team can't see your keys. They see encrypted blobs — gibberish without the vault. Even we can't peek inside.

✓

Someone intercepts the API calls

The call is made from inside the vault — not from your server. The key never travels over your network. An attacker sniffing your traffic sees nothing because the key was never there.

✓

Someone reads your code or config

There are no keys in your codebase. No .env files, no config files, no secrets anywhere in your environment. Nothing to find. Like searching a house where the valuables were never brought home.

Out of scope

Government-level hardware attacks

Physically tampering with the vault hardware itself. No known real-world attack has achieved this against current-generation vaults.

Controlling what your agent decides to do

We limit what your agent is allowed to do — but we don't control its reasoning. That's your responsibility.

Securing your own services

We protect the keys and make the call. But your own APIs still need their own security — we can't do that for you.

Filtering what your agent says

We limit what actions your agent can take and how much it can spend — but we don't read or filter its messages.

Even we can't steal your keys.