> ## Documentation Index
> Fetch the complete documentation index at: https://docs.asgcompute.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> API-key authentication for ASG Agent Cloud

# Authentication

ASG uses **API keys** for authentication. Create a key in the [Console](https://agent.asgcompute.com/console), set it as an environment variable, and include it as a Bearer token in every request.

## Quick Setup

1. **Create an API key** at [agent.asgcompute.com/console](https://agent.asgcompute.com/console) → API Keys → Create Key
2. **Set your environment variable:**

```bash theme={null}
export ASG_API_KEY="sk-agent-..."
```

3. **Include in requests:**

```bash theme={null}
Authorization: Bearer $ASG_API_KEY
```

## Verify Connectivity

Test with a free tool — no payment required:

<CodeGroup>
  ```bash curl theme={null}
  curl -s https://agent.asgcompute.com/v1/mcp/tools/call \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $ASG_API_KEY" \
    -d '{"tool": "get_status", "arguments": {}}'
  ```

  ```python Python theme={null}
  import os, requests

  response = requests.post(
      "https://agent.asgcompute.com/v1/mcp/tools/call",
      headers={
          "Content-Type": "application/json",
          "Authorization": f"Bearer {os.environ['ASG_API_KEY']}",
      },
      json={"tool": "get_status", "arguments": {}},
  )
  print(response.json())
  ```

  ```typescript TypeScript theme={null}
  const response = await fetch('https://agent.asgcompute.com/v1/mcp/tools/call', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'Authorization': `Bearer ${process.env.ASG_API_KEY}`
    },
    body: JSON.stringify({ tool: 'get_status', arguments: {} })
  });
  console.log(await response.json());
  ```
</CodeGroup>

## Key Security

<Warning>
  **Never share your API key.** Treat `sk-agent-*` keys like passwords. If compromised, revoke immediately in the Console and create a new key.
</Warning>

| Practice   | Recommendation                                                 |
| :--------- | :------------------------------------------------------------- |
| Storage    | Environment variable or secrets manager — never in source code |
| Rotation   | Rotate keys periodically; revoke unused keys                   |
| Scope      | Each agent/integration should use its own key                  |
| Monitoring | Check usage in the Console to detect anomalies                 |

## Auth vs. Payment

ASG separates **authentication** (who you are) from **payment** (how you pay):

| Concern  | Mechanism                                                          |
| :------- | :----------------------------------------------------------------- |
| Identity | API key via `Authorization: Bearer <api_key>`                      |
| Payment  | Solana USDC via 402 quote → on-chain transfer → `X-Payment` header |

Free tools (`get_status`, `echo`, `sandbox_cancel`) require only authentication — no payment step.

## MCP-Native Integration

For MCP-compatible agent frameworks, use the JSON-RPC endpoint (`/mcp`) with the same Bearer header:

```bash theme={null}
curl -s https://agent.asgcompute.com/mcp \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $ASG_API_KEY" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "tools/list"
  }'
```

## Wallet Integration

Your Solana wallet is used for **payments only** — not for authentication. Compatible wallets:

* Phantom
* Solflare
* Backpack
* CLI wallets (Solana CLI)
