# Agent Groups > Understand how agent groups control tool access, credentials, spending limits, and wallet addresses for connected agents. Content type: documentation Source URL: https://www.agentpmt.com/docs/core-concepts/agent-groups Markdown URL: https://www.agentpmt.com/docs/core-concepts/agent-groups?format=agent-md Category: Core Concepts --- # Agent Groups An **agent group** is the control layer between a human account and one or more connected agents. It defines which tools the agents can use, how much they can spend, and which credentials are available to approved tool calls. Every connected agent should run through an explicit group. No group means no controlled access. ## What an Agent Group Controls - **Tool Access**: Only tools added to the group are visible to connected agents. - **Spending Caps**: Set limits per call, hourly, daily, weekly, or monthly. - **Credentials**: Bind API keys and OAuth tokens so tools can authenticate on your behalf. ## One Account, Multiple Groups Create separate groups for separate trust boundaries: | Agent Group | Use Case | Cap | | --- | --- | --- | | Research Agents | Web search, data retrieval | 500 credits/day | | Content Agents | Writing tools, image generation | 200 credits/day | | Shopping Agents | Product search, ordering | 50 credits per call | Each group has its own connection keys and access settings, so a narrow-use agent does not inherit broad account access. ## Connection Keys Connection keys identify which agent group a connected runtime should use. MCP and direct API flows use these keys to decide which tools, credentials, and spending caps apply. - **API key** identifies the account or integration. - **Group or budget key** identifies the allowed operating boundary for the agent. ## Agent Address An agent group can have an **agent address**, which is a blockchain wallet address assigned to the group. Autonomous agents use wallet addresses for x402 payments and signed external API calls. > INFO > > Agent addresses are only required for wallet-authenticated autonomous flows. MCP and API-key connections can run without an on-chain wallet. ## Next Steps - [Set Up Your First Agent Group](/docs/getting-started/setting-up-your-first-budget) - Create the access boundary for a connected agent. - [Setting Spending Caps](/docs/core-concepts/setting-spending-caps) - Choose cap types and spending controls.