Skip to main content

Documentation Index

Fetch the complete documentation index at: https://authsome.agentr.dev/docs/llms.txt

Use this file to discover all available pages before exploring further.

Authsome ships with 31 bundled API-key providers. Each is a service with a single long-lived secret rather than an OAuth flow. Authsome collects the key through a local browser form (or masked terminal input on headless machines) and stores it encrypted in the vault.

Bundled API-key providers

ProviderDisplay nameHost
ahrefsAhrefsapi.ahrefs.com
apolloApolloapi.apollo.io
ashbyAshbyapi.ashbyhq.com
beehiivBeehiivapi.beehiiv.com
brevoBrevoapi.brevo.com
bufferBufferapi.bufferapp.com
calendlyCalendlyapi.calendly.com
clearbitClearbitapi.clearbit.com
dubDub.coapi.dub.co
g2G2api.g2.com
hunterHunterapi.hunter.io
instantlyInstantlyapi.instantly.ai
intercomIntercomapi.intercom.io
keywords-everywhereKeywords Everywhereapi.keywordseverywhere.com
klaviyoKlaviyoa.klaviyo.com
lemlistLemlistapi.lemlist.com
livestormLivestormapi.livestorm.co
mailchimpMailchimpapi.mailchimp.com
mention-meMention Memention-me.com
openaiOpenAIapi.openai.com
optimizelyOptimizelyapi.optimizely.com
postmarkPostmarkapi.postmarkapp.com
resendResendapi.resend.com
rewardfulRewardfulapi.getrewardful.com
savvycalSavvyCalapi.savvycal.com
semrushSEMrushapi.semrush.com
sendgridSendGridapi.sendgrid.com
toltToltapi.tolt.com
typeformTypeformapi.typeform.com
wistiaWistiaapi.wistia.com
zapierZapierapi.zapier.com
For all providers (OAuth and API-key) in one CLI view: 
uvx authsome list

How the API-key flow works

There is no OAuth dance. The flow is:
1

Run the login

uvx authsome login openai
2

Paste the key into the browser form

Authsome opens http://127.0.0.1:7998 with a masked input. The key never goes through the shell.
3

Pattern validation (where applicable)

Some providers ship a regex (key_pattern). If your input doesn’t match, authsome rejects it with a hint.
4

Encrypted store

The key is encrypted under the active profile and written to the vault.
On a headless machine without a graphical session, authsome falls back to masked terminal input via getpass. See Use API keys.

Use the key

Through the proxy

uvx authsome run -- python my_agent.py
Authsome sets a placeholder like OPENAI_API_KEY=authsome-proxy-managed in the child’s environment so the SDK initializes. The real key is added to outbound requests at the proxy layer. The child process never sees the actual key.

As an environment variable

eval "$(uvx authsome export openai --format env)"
export prints KEY=value lines suitable for shell sourcing. The names come from each provider’s export.env map.

From Python

from authsome.server.dependencies import create_auth_service

auth = create_auth_service()
key = auth.get_access_token("openai", connection="default")
The function get_access_token is shared with the OAuth path. For API-key providers it returns the stored key.

Add an API-key provider

For a service authsome doesn’t bundle (Anthropic, Stripe, Twilio, and many others):
  1. Find the header shape (Authorization: Bearer ..., X-API-Key: ..., etc.).
  2. Write a JSON definition. See Custom providers for the template.
  3. uvx authsome register ./<name>.json.
The schema is in Provider schema.

What’s next

Use API keys

The full API-key login walkthrough.

OAuth providers

The other half of the bundled set.

Custom providers

Add an API-key provider authsome doesn’t ship.

Run agents with the proxy

Inject API keys into outbound requests without exposing them.