AgentPMT

Learn how AgentPMT securely manages API keys, OAuth tokens, and passwords your tools need to function.

How Credentials Work

Some tools need authentication to work -- an API key for a weather service, OAuth tokens for Google Workspace, or a password for a database. AgentPMT handles these securely through credentials.

The Flow

A tool declares what it needs

Each tool specifies a credential schema: which fields are required (API key, token, username/password, etc.) and what format they should be in.

You provide the values

In your dashboard under the Credentials tab, you create a credential record and fill in the required fields. Secret values are masked after saving.

You bind it to a budget

Go to your budget's settings and bind the credential to the relevant tool. This tells AgentPMT: "When this agent calls this tool using this budget, use these credentials."

Agent calls the tool

When your agent makes a tool call, AgentPMT automatically injects the bound credentials. The agent never sees your raw secrets.

Security

Your secrets stay safe

Credential values are encrypted at rest. Your agent never receives raw credential values -- they are injected server-side when the tool call is routed to the vendor's endpoint.

  • Secret fields are masked in the dashboard after saving
  • Credentials are encrypted in the database
  • Credentials are injected server-side -- they never pass through your agent
  • Each credential is scoped to a budget -- different budgets can use different credentials for the same tool

When You Don't Need Credentials

Many tools on AgentPMT work without any credentials. If a tool is fully hosted by the vendor and doesn't require external authentication, you just add it to your budget and go.

You only need to set up credentials when a tool connects to a third-party service that requires your own account (e.g., your Google account, your Stripe account, your custom API).

Managing Credentials

From your dashboard:

  • Credentials tab -- Create, edit, and delete credential records
  • Budget settings -- Bind credentials to specific budgets
  • Missing credential warnings -- If your agent tries to call a tool that needs credentials you haven't provided, you'll see a warning in the chat interface with a link to set them up

Set Up Your First Budget

Learn how to create a budget and bind credentials

What is a Tool

Understand what tools are and how they use credentials