Keychains.dev
Secure credential delegation for AI agents, letting them access APIs without exposing sensitive credentials while users maintain control.
At a Glance
About Keychains.dev
Keychains.dev provides secure credential delegation for AI agents, enabling them to access thousands of APIs without exposing sensitive credentials. The platform acts as a proxy layer that injects credentials server-side, ensuring that AI agents never see raw secrets, protecting against prompt injection attacks and credential leakage. Users maintain full control with transparent permission management and instant revocation capabilities.
-
Drop-in curl replacement - Use
keychains curlas a replacement for standard curl commands, replacing hard-coded credentials with template variables like{{OAUTH2_ACCESS_TOKEN}}or{{STRIPE_PRIVATE_KEY}}for seamless integration. -
Server-side credential injection - Credentials are injected server-side, making them invisible to the agent and protecting against prompt injection attacks that could exfiltrate secrets from context windows.
-
User consent flows - When a new API scope is needed, users see exactly what the agent wants to do and approve with one click, ensuring informed consent for every permission granted.
-
SSH key identity - Every machine authenticates via SSH keypairs with no passwords or API keys in the agent's environment, providing strong cryptographic identity verification.
-
Stateful fingerprinting - Machines exchange fingerprints with every call, automatically invalidating leaked keys on first use for enhanced security.
-
Instant revocation - Revoke any machine's access with one click from the dashboard with no waiting or grace periods.
-
Multi-protocol support - Handles OAuth 2.0 with PKCE, API keys, and basic auth, working with 6754+ API providers including GitHub, Google, Slack, Stripe, Notion, Linear, and more.
-
Sub-agent delegation - Create scoped delegate tokens for sub-agents with only the permissions they need, or create blank tokens that require fresh user approval for each task.
-
Full audit trail - Users see every permission granted, every agent, and every task with complete transparency and accountability.
To get started, install the keychains CLI and use it as a drop-in replacement for curl. Replace your hard-coded credentials with template variables, and the platform handles authentication, token refresh, and secure credential injection automatically.
Community Discussions
Be the first to start a conversation about Keychains.dev
Share your experience with Keychains.dev, ask questions, or help others learn from your insights.
Pricing
Free
Free tier for getting started with secure credential delegation
- Secure credential delegation
- SSH key identity
- User consent flows
- Access to API providers
- Basic audit trail
Capabilities
Key Features
- Secure credential delegation for AI agents
- Server-side credential injection
- SSH key identity authentication
- Stateful fingerprinting for leaked key detection
- User consent flows for permission approval
- Instant access revocation
- OAuth 2.0 with PKCE support
- Auto token refresh
- API key scoped injection
- Basic auth support
- Scoped delegate tokens for sub-agents
- Blank tokens for fresh user approval
- Full audit trail
- Support for 6754+ API providers
- Drop-in curl replacement