Skip to main content

Documentation Index

Fetch the complete documentation index at: https://authsome.agentr.dev/docs/llms.txt

Use this file to discover all available pages before exploring further.

Authsome is provider-side, not framework-side. It manages credentials for the services your agents call. The supported pattern for every framework is the same: wrap the agent invocation with uvx authsome run --. The local HTTP proxy intercepts outbound requests and injects the right Authorization header per provider. The agent’s environment never contains real secrets. If your agent is Python-native and you’re embedding authsome inside a larger orchestrator with custom storage or wiring, the library is available as a secondary surface. For everything else, the CLI and proxy are the right tools. This section has a page per agent framework with the install path, the proxy wiring, and any framework-specific notes.

Frameworks covered

Claude Code

Anthropic’s CLI for coding agents. Authsome ships as a bundled skill.

Codex

OpenAI’s coding agent. Run agents through the auth proxy.

Cursor

The Cursor IDE agent. Wire up MCP servers and shell commands against authsome.

OpenCode

OpenCode CLI. Use the proxy or env-var export.

Cowork

Multi-agent runtime. Per-agent profiles isolate credentials.

NanoClaw / OpenClaw / HermesAgent

Lightweight agent runners. Same patterns as the library path.

LangChain

Inject tokens at LLM/tool boundaries.

LlamaIndex

Wrap data-loader credentials behind authsome.

OpenAI Agents SDK

Replace OPENAI_API_KEY env-var management with proxy injection.

Anthropic SDK

Same idea for ANTHROPIC_API_KEY.

Generic Python agent

Any Python script that calls third-party APIs.
uvx authsome run -- python my_agent.py
The agent runs as a subprocess of authsome. A local HTTP proxy intercepts outbound requests and injects the right Authorization header per provider. The child process never sees the real secret because the proxy substitutes a placeholder env var like OPENAI_API_KEY=authsome-proxy-managed. See Run agents with the proxy. For SDKs that can’t route through an HTTP proxy (pinned TLS, non-HTTP protocols), fall back to: 
eval "$(uvx authsome export <provider> --format env)"
python my_agent.py
Same vault, same refresh, but the key is in the agent’s environment.

Embedding the library

If you’re building a larger Python orchestrator around authsome, you can drop below the CLI: 
from authsome.server.dependencies import create_auth_service

auth = create_auth_service()
token = auth.get_access_token("github", connection="default")
This is the embedding case. For everything else, the proxy is simpler. See Python library.

Per-framework notes

Each page in this section covers:
  • How to invoke authsome from that framework (skill, command wrapper, or library call).
  • The recommended security pattern.
  • Multi-account workflows where applicable.
  • Framework-specific gotchas (TLS pinning, env-var precedence, MCP wiring).
If a framework you use isn’t listed, the generic patterns are in Run agents with the proxy and Python library.