API Key Management

The Inkeep Agent Framework provides a comprehensive API key management system for authenticating access to agent graphs. API keys are securely hashed and stored, with support for expiration and revocation.

Overview

API keys provide a secure way to authenticate programmatic access to your agent graphs. Each API key is:

Securely hashed using scrypt algorithm before storage
Scoped to a specific tenant and graph
Revocable at any time
Expirable with optional expiration dates

Usage

Creating an API Key

import { createApiKey } from '@inkeep/agents-core';

const result = await createApiKey({
  tenantId: 'your-tenant-id',
  graphId: 'your-graph-id',
  expiresAt: '2025-12-31T23:59:59Z', // Optional expiration
});

// IMPORTANT: Show this key to the user only once!
console.log('Your API Key:', result.key);
// Example: sk_live_abc123def456...

// The API key record (without the actual key)
console.log('Key Details:', result.apiKey);

API Key Management

API Key Management

Overview

Usage

Creating an API Key

On this page