Keychains.dev is a secure credential delegation platform designed specifically for AI agents. It allows agents to access APIs without ever handling raw credentials. It replaces hard-coded secrets with template variables, injects credentials server-side, and provides user-controlled, scoped, and instantly revocable permissions to prevent leaks and unauthorized access.
Free
How to use keychains.dev?
Replace the standard 'curl' command in your AI agent's workflow with 'keychains curl', using template variables like {{API_KEY}} for credentials. When the agent needs a new API scope, the end-user is prompted for one-click approval. Keychains then securely injects the required credentials server-side, keeping raw secrets away from the agent's context and safe from prompt injection attacks.
keychains.dev 's Core Features
Server-Side Credential Injection: Raw API keys, OAuth tokens, and passwords are injected by the Keychains server. The AI agent only sees placeholder variables, making credentials invisible and safe from prompt injection or context window leaks.
User Consent & Control Flow: End-users maintain full control. They see and approve every new API permission request from agents, ensuring informed consent. Access can be revoked instantly via a dashboard without rotating the underlying secrets.
SSH-Based Machine Identity: Each machine (agent) authenticates using unique SSH keypairs, eliminating the need for passwords or API keys in the agent's environment and providing strong, cryptographic identity.
Scoped Delegation for Sub-Agents: Safely spawn sub-agents by forking permissions. Create delegate tokens with limited, task-specific API access or blank tokens that require fresh user approval for any new access.
Comprehensive Audit Trail: Provides full transparency into all granted permissions, showing which agent accessed which API for what task, creating a complete and immutable audit log for security and compliance.
Broad Authentication Support: Works with thousands of API providers, supporting OAuth 2.0 (with PKCE and auto-refresh), API keys, Basic Auth, and custom headers, making it a universal credential layer.
Stateful Fingerprinting & Instant Invalidation: Machines exchange fingerprints with every API call. If a key is leaked, it is automatically invalidated upon its first unauthorized use, minimizing the breach window.
keychains.dev 's Use Cases
AI-Powered Customer Support Agents: Allows support bots to securely access CRM and ticketing APIs to fetch user data and create tickets, without risking exposure of admin API keys in their operational context.
Autonomous Research & Data Analysis Agents: Enables research agents to pull data from financial, scientific, or social media APIs safely. Users can grant one-time access for specific queries and revoke it immediately after.
AI Coding Assistants & DevOps Agents: Lets coding assistants securely interact with GitHub, Docker, or cloud provider APIs to commit code or deploy services, using scoped tokens that limit access to only necessary repositories or resources.
Personal AI Productivity Agents: Empowers personal AI assistants to manage calendars, send emails, or make bookings via respective APIs, with the user approving each action, preventing unauthorized access to personal accounts.
Multi-Agent Workflow Orchestration: Facilitates complex workflows where a master agent delegates tasks to specialized sub-agents, providing them with narrowly scoped credentials for their specific job, enhancing security in distributed AI systems.
Enterprise AI Tool Integration: Secures internal AI tools that need access to sensitive company data from databases, HR systems, or internal APIs, providing an audit trail and instant revocation for compliance and security teams.
