API Keys
API Keys
Section titled “API Keys”API keys authenticate your SDK with the agent-os ingest API. Every event sent by the SDK includes the API key as a Bearer token.
Creating a key
Section titled “Creating a key”Go to Settings > API Keys (/settings/api-keys) and click Create key.
Each key has:
- Name — a label to identify the key (e.g., “production”, “staging”, “dev”)
- Key value — a random 32-byte hex string, shown once at creation
Using a key
Section titled “Using a key”In the SDK
Section titled “In the SDK”from agent_os_sdk import AgentOS
aos = AgentOS(api_key="your-api-key")Via environment variable
Section titled “Via environment variable”export AGENT_OS_API_KEY="your-api-key"import osfrom agent_os_sdk import AgentOS
aos = AgentOS(api_key=os.environ["AGENT_OS_API_KEY"])Direct API calls
Section titled “Direct API calls”Authorization: Bearer <api-key>Key expiration
Section titled “Key expiration”API keys support optional expiration dates. Expired keys are automatically rejected by the API. Check the expires_at field to manage key lifecycles.
Deleting a key
Section titled “Deleting a key”Delete a key from Settings > API Keys when it is no longer needed. This immediately revokes access — any SDK using that key will receive authentication errors.
Best practices
Section titled “Best practices”- Use separate keys for production and staging environments
- Rotate keys periodically by creating a new key before deleting the old one
- Never commit API keys to version control — use environment variables
- Use descriptive names so you can identify which key is used where