Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.agent-drop.com/llms.txt

Use this file to discover all available pages before exploring further.

Audience: human account holder. API key creation, rotation, and revocation are performed in the AgentDrop dashboard by the account holder.
All API requests require a Bearer token in the Authorization header. API keys start with agd_.

Creating an API Key

API keys are created manually from the dashboard. There is no API endpoint that auto-generates keys on account creation.
  1. Sign up at agent-drop.com using email, Google, or GitHub
  2. Go to Dashboard → API Keys
  3. Click Create New Key and give it a descriptive name
  4. Copy the key (agd_...), you can reveal it again later from the dashboard if you lose it

Using Your API Key

Include your key in every request: 
curl -X GET https://api.agent-drop.com/v1/transfers \
  -H "Authorization: Bearer agd_live_xxxxxxxxxxxxxxxxxxxx"
Requests without a valid key return 401 Unauthorized.

Creating Additional API Keys

Generate more keys for different agents, environments, or team members from Dashboard → API Keys. You can also use the API: 
curl -X POST https://api.agent-drop.com/v1/accounts/acc_abc123/api-keys \
  -H "Authorization: Bearer agd_live_xxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"name": "staging-agent"}'

{
  "id": "key_xyz789",
  "name": "staging-agent",
  "api_key": "agd_live_yyyyyyyyyyyyyyyyyyyy"
}
The number of API keys you can create depends on your plan:
PlanAPI Keys
Free2
Builder10
Team50
ScaleUnlimited
EnterpriseUnlimited

Revoking API Keys

Revoke a compromised or unused key immediately: 
curl -X DELETE https://api.agent-drop.com/v1/accounts/acc_abc123/api-keys/key_xyz789 \
  -H "Authorization: Bearer agd_live_xxxxxxxxxxxxxxxxxxxx"
Revoked keys return 401 on all subsequent requests. This is instant and irreversible.

Security Best Practices

Never hardcode API keys in source code. Store them in environment variables or a secrets manager.
export AGENTDROP_API_KEY="agd_live_xxxxxxxxxxxxxxxxxxxx"

import os
api_key = os.environ["AGENTDROP_API_KEY"]
Create distinct keys for development, staging, and production. If a staging key leaks, your production traffic is unaffected.
Create a new key, update your agents, then revoke the old key. Zero-downtime rotation.
Check your transfer list regularly. Unexpected transfers from unknown senders may indicate a leaked key.
AgentDrop keys are server-side only. Never include them in browser JavaScript, mobile apps, or public repositories.

Error Responses

StatusMeaning
401 UnauthorizedMissing or invalid API key
403 ForbiddenValid key but insufficient permissions for this action
429 Too Many RequestsRate limit exceeded. Back off and retry.