Agent Credentials
Issue fvag_ tokens so AI agents can access secrets without using your personal API key.
Why agent credentials?
AI agents need secret access at runtime but should never hold long-lived human keys. Agent credentials are scoped, rate-limited, and revocable independently.
Creating a credential
CLI
fyvault agent-credentials create \
  --name "deploy-bot" \
  --scopes secrets:read,secrets:list \
  --rate-limit 120 \
  --ip-allowlist "10.0.0.0/8"
Node.js
import { FyVault } from "@fyvault/sdk";
const fv = new FyVault({ accessToken: process.env.FYVAULT_API_KEY, orgId: "org_acme" });
const cred = await fv.agentCredentials.create({
  name: "deploy-bot",
  scopes: ["secrets:read", "secrets:list"],
  rateLimit: 120, // requests per minute
  ipAllowlist: ["10.0.0.0/8"],
});
console.log(cred.token); // fvag_...
Python
from fyvault import FyVault
fv = FyVault(access_token="fv_live_...", org_id="org_acme")
cred = fv.agent_credentials.create(
    name="deploy-bot",
    scopes=["secrets:read", "secrets:list"],
    rate_limit=120,
    ip_allowlist=["10.0.0.0/8"],
)
print(cred.token)  # fvag_...
Available scopes
| Scope | Description |
|---|---|
| secrets:read | Read secret values |
| secrets:list | List secret names and metadata |
| secrets:write | Create and update secrets |
| secrets:rotate | Trigger secret rotation |
| environments:read | List environments |
Rate limits & IP allowlists
Each credential can enforce a per-minute rate limit (default 60 rpm) and an optional IP allowlist in CIDR notation. Requests from outside the allowlist are rejected with a 403.
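A pre-issuance check for the settings described above, as an added example that is not FyVault code or part of its SDK: it lints a credential request for mutating scopes and a missing or overly broad allowlist, and confirms the agent's egress IP is covered so the agent does not hit the 403. The function names, the 256-address and 600 rpm thresholds, and the treatment of an absent allowlist as unrestricted are assumptions.

```python
import ipaddress

# Scope names come from the table above. The read-only/mutating split, both
# thresholds and "no allowlist means unrestricted" are assumptions of this example.
READ_ONLY = {"secrets:read", "secrets:list", "environments:read"}
MUTATING = {"secrets:write", "secrets:rotate"}
MAX_ALLOWLIST_ADDRESSES = 256  # assumed: flag anything wider than a /24
MAX_RATE_LIMIT = 600           # assumed ceiling, requests per minute


def lint_credential(name, scopes, rate_limit=60, ip_allowlist=None):
    """Return findings for a credential request; an empty list means clean."""
    findings = []
    unknown = set(scopes) - READ_ONLY - MUTATING
    if unknown:
        findings.append(f"{name}: unknown scopes {sorted(unknown)}")
    risky = set(scopes) & MUTATING
    if risky:
        findings.append(f"{name}: mutating scopes {sorted(risky)} need justification")
    if rate_limit > MAX_RATE_LIMIT:
        findings.append(f"{name}: rate limit {rate_limit} rpm exceeds {MAX_RATE_LIMIT}")
    if not ip_allowlist:
        findings.append(f"{name}: no IP allowlist, token usable from any address")
    for cidr in ip_allowlist or []:
        try:
            net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits
        except ValueError as exc:
            findings.append(f"{name}: bad CIDR {cidr!r}: {exc}")
            continue
        if net.num_addresses > MAX_ALLOWLIST_ADDRESSES:
            findings.append(f"{name}: {cidr} covers {net.num_addresses} addresses")
    return findings


def ip_allowed(client_ip, ip_allowlist):
    """True if client_ip is inside any allowlisted network (none set: allowed)."""
    if not ip_allowlist:
        return True
    addr = ipaddress.ip_address(client_ip)
    return any(addr in ipaddress.ip_network(c, strict=False) for c in ip_allowlist)


if __name__ == "__main__":
    # Constructed requests: the page's example values, then a tightened allowlist.
    for nets in (["10.0.0.0/8"], ["10.20.30.0/24"]):
        print(nets, lint_credential("deploy-bot", ["secrets:read", "secrets:list"], 120, nets))
    print(ip_allowed("10.20.30.7", ["10.20.30.0/24"]))
```

Running the lint in the pipeline that issues credentials catches a wide allowlist such as a /8 before the token exists, rather than after it has been distributed.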
Revoking a credential
# CLI
fyvault agent-credentials revoke ag_cred_id_123
# Node.js
await fv.agentCredentials.revoke("ag_cred_id_123");
# Python
fv.agent_credentials.revoke("ag_cred_id_123")
See also: Session Tokens, FyVault.auto()