Secure credential proxy for AI agents

Your AI agents shouldn’t
see your secrets

Give AI agents secure access to any service — through proxy tokens, not real credentials.

Get Started Free

Install the AgentKeys skill from ClawHub — your OpenClaw agent automatically routes API calls through the proxy.

Agent sends request
AgentKeys decrypts real key
Real API responds
clawhub install agentkeys

Recommended one key, all credentials by name

AGENTKEYS_API_KEY=ak_ws_your_key...
AGENTKEYS_PROXY_URL=https://proxy.agentkeys.io

Alternative per-credential proxy tokens

AGENTKEYS_PROXY_TOKEN_RESEND=pxr_resend_abc123...
AGENTKEYS_PROXY_TOKEN_STRIPE=pxr_stripe_def456...
AGENTKEYS_PROXY_URL=https://proxy.agentkeys.io

Then just talk to your agent:

  • "Send an email via Resend to user@example.com"
  • "Create a Jira ticket for this bug"
  • "Check my Stripe balance"

How It Works

Three steps. Under two minutes. Your secrets stay encrypted.

Step 01

Store Credentials

Add API keys, OAuth tokens, passwords, or cookies. Encrypted with AES-256-GCM. Plaintext never stored.

Step 02

Create Agents

Each agent gets a unique proxy token (pxr_...). Assign specific credentials per agent. Revoke anytime.

Step 03

Proxy Requests

Agent sends request with proxy token → AgentKeys injects real credential → forwards to target API → returns response.

Built for Security

Everything you need to secure credentials for autonomous AI agents.

AES-256-GCM Encryption

Every credential encrypted at rest. Per-workspace master keys. Zero plaintext storage.

Proxy Tokens

Agents never touch real API keys. Unique pxr_ tokens validated on every request.

Full Audit Trail

Every request logged: agent identity, target URL, status code, latency, timestamp.

OAuth Auto-Refresh

Google, GitHub, Slack, Twitter, Notion, HubSpot — tokens refreshed automatically.

Multiple Auth Types

API Keys, OAuth, Basic Auth, Custom Headers, Cookies, Query Params — all supported.

Open-Source Core

Encryption and proxy logic are open-source. Audit the code that handles your secrets.

View on GitHub →

Use Cases

From solo developers to enterprise teams — AgentKeys fits your stack.

AI Agent Frameworks

Give your OpenClaw, CrewAI, LangChain, or AutoGPT agents secure API access. They use proxy tokens — never real credentials. Revoke access instantly if an agent goes rogue.

OpenClawCrewAILangChainAutoGPT

MCP Servers

Model Context Protocol servers connect to Gmail, Slack, GitHub, and dozens of other services. AgentKeys handles token storage, encryption, and auto-refresh — so your MCP server stays stateless.

GmailSlackGitHubNotion

Multi-Tenant SaaS

Let your customers connect their own API keys (Stripe, Twilio, SendGrid). AgentKeys encrypts and proxies them — you never see or store raw credentials in your database.

StripeTwilioSendGridAny API

Team Credential Sharing

Share API keys across your team without anyone seeing the actual values. Full audit log of who used what and when. Rotate keys in one place — all agents update automatically.

Audit LogsRBACKey RotationZero Trust

Works With Everything

REST API, TypeScript & Python SDKs, MCP Server, and more.

curl / REST APITypeScript SDKPython SDKMCP ServerOpenClawLangChainCrewAIAutoGen

OAuth Connect: GitHub, Google, Twitter/X, Slack, Notion, Linear, Discord, HubSpot

Pricing

Start free. Scale as you grow.

Free

$0forever
  • 3 credentials
  • 1 agent
  • 100 requests/mo
  • Community support
Get Started

Starter

$19/month
  • 25 credentials
  • 5 agents
  • 10,000 requests/mo
  • Email support
Get Started Free

Pro

$79/month
  • 100 credentials
  • 25 agents
  • 100,000 requests/mo
  • Priority support
Get Started Free

Scale

$199/month
  • 500 credentials
  • 100 agents
  • 500,000 requests/mo
  • Priority support
Get Started Free

Enterprise

Custom

Contact Sales

Includes

Unlimited credentials
Unlimited agents
Unlimited requests
Dedicated support & SLA
Custom integrations
Volume discounts
SSO / SAML
On-premise option

Stop giving AI agents your real API keys

Set up AgentKeys in under 2 minutes.

Get Started Free