Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.adrian.secureagentics.ai/llms.txt

Use this file to discover all available pages before exploring further.

The Secureagentics REST API uses API keys for authentication. Every request must include a valid API key in the Authorization header as a Bearer token.
Never share your API keys or commit them to source control. Anyone with your key has the same access your key allows. If a key is compromised, revoke it immediately from Settings → API Keys.

How API keys work

When you make a request to https://api.secureagentics.ai/v1, Secureagentics checks the Authorization header for a Bearer token. If the token is valid and has the required scope for the operation, the request succeeds. If the token is missing, invalid, or lacks the required scope, Secureagentics returns an error. API keys are scoped — each key is created with a specific set of permissions. This lets you issue least-privilege keys for different parts of your system.

Generate an API key

1

Open API Keys settings

In the Secureagentics dashboard, go to Settings → API Keys.
2

Create a new key

Click New API key.
3

Name and scope the key

Enter a descriptive label for the key — for example, production-agent or ci-read-only. Then select a scope. See Key scopes below for a description of each option.
4

Copy and store the key

Click Create. The full key is shown once — copy it immediately and store it in a secrets manager or environment variable. Secureagentics does not display the full key value again after you close this dialog.

Make an authenticated request

Pass your API key in the Authorization header of every request. 
curl https://api.secureagentics.ai/v1/agents \
  -H "Authorization: Bearer YOUR_API_KEY"
Replace YOUR_API_KEY with the key you copied from the dashboard. In production, load the key from an environment variable rather than hardcoding it.

Key scopes

Each API key is assigned one of the following scopes at creation time. You cannot change the scope of an existing key — create a new key if you need different permissions.
ScopeWhat it allows
readRead agents, events, and audit logs. No write access.
writeCreate agents, send events, and create or update policies. Includes all read permissions.
adminFull API access, including team management and workspace settings. Use only for trusted automation.
Issue keys with the minimum scope needed for each use case. A monitoring dashboard needs only read; an agent SDK integration needs write.

Authentication errors

HTTP statusErrorCause and fix
401 Unauthorizedinvalid_tokenThe key is missing, malformed, or has been revoked. Check that you’re passing the Authorization: Bearer <key> header and that the key is still active in Settings → API Keys.
403 Forbiddeninsufficient_scopeThe key exists but does not have permission for this operation. Create a new key with a higher scope or check which scope is required for the endpoint you’re calling.

Key rotation best practices

Rotate API keys regularly to limit exposure if a key is ever leaked.
  • Set a rotation schedule. Treat API keys like passwords. Rotate keys used in production at least every 90 days.
  • Use one key per service. Assign a unique key to each application or service that calls the API. This lets you revoke a single key without disrupting other integrations.
  • Rotate before revoking. When replacing a key, create the new key, deploy it to your service, verify requests succeed, then revoke the old key. This avoids downtime.
  • Audit key usage. Check the audit log in Settings → Audit log to see which keys have been used recently. Revoke keys that are no longer in use.