🦀 ClawHub
AgentKeys
by @alexandr-belogubov
Secure credential proxy for AI agents. Make API calls through AgentKeys — real secrets never leave the vault.
💡 Examples
With API Key (Option A) — reference credentials by name
curl -X POST $AGENTKEYS_PROXY_URL/v1/proxy \
-H "Authorization: Bearer $AGENTKEYS_API_KEY" \
-H "X-Credential-Name: resend" \
-H "X-Target-Url: https://api.resend.com/emails" \
-H "Content-Type: application/json" \
-d '{"from": "noreply@example.com", "to": "user@example.com", "subject": "Hello", "text": "Sent via AgentKeys"}'
With Proxy Token (Option B) — direct credential access
curl -X POST $AGENTKEYS_PROXY_URL/v1/proxy \
-H "Authorization: Bearer $AGENTKEYS_PROXY_TOKEN" \
-H "X-Target-Url: https://api.resend.com/emails" \
-H "Content-Type: application/json" \
-d '{"from": "noreply@example.com", "to": "user@example.com", "subject": "Hello", "text": "Sent via AgentKeys"}'
Headers
| Header | Required | Description |
|--------|----------|-------------|
| Authorization | ✅ | Bearer $AGENTKEYS_API_KEY or Bearer $AGENTKEYS_PROXY_TOKEN |
| X-Target-Url | ✅ | Target API URL to forward to |
| X-Credential-Name | ✅ (API key mode) | Name of the credential to use (case-insensitive) |
| Content-Type | ❌ | Passed through to target |
⚙️ Configuration
You have two options. Set these in your environment or .env:
Option A — API Key (recommended, multi-credential)
AGENTKEYS_API_KEY=ak_ws_...
AGENTKEYS_PROXY_URL=https://proxy.agentkeys.io
Use your workspace API key to proxy requests to any credential by name. Get your API key from Settings.
Option B — Direct Proxy Token (single credential)
AGENTKEYS_PROXY_TOKEN=pxr_...
AGENTKEYS_PROXY_URL=https://proxy.agentkeys.io
Use a proxy token for one specific credential. Get it by assigning a credential to an agent in the dashboard.
TERMINAL
clawhub install agentkeys