Skip to main content
The Public API uses bearer tokens. Each key is scoped to a single workspace — any attempt to run an agent or read a task in a different workspace returns 403 Forbidden.

Mint a key

1

Open the dashboard

Sign in at agents.nanonets.com and select the workspace you want the key scoped to.
2

Create the key

Go to Settings → API Keys and click Create API key. Give it a descriptive label — you’ll want to know what it’s used for when you rotate.
3

Copy the value once

The plaintext key is shown only at creation time. Store it in your secrets manager (1Password, Doppler, AWS Secrets Manager, etc.) immediately. If you lose it, delete the key and create a new one.

Send the key

Include it in the Authorization header on every request: 
Authorization: Bearer YOUR_API_KEY

curl https://agents.nanonets.com/api/v1/tasks/$TASK_ID \
  -H "Authorization: Bearer $NANONETS_API_KEY"

Failure modes

StatusCauseFix
401 UnauthorizedAuthorization header missingAdd the header
401 UnauthorizedHeader is not Bearer <key>Fix the format
401 UnauthorizedKey was revoked or never existedMint a new key
403 ForbiddenKey is valid, but the agent/task belongs to a different workspaceUse a key scoped to the correct workspace

Security

Never commit API keys to source control. The dashboard scans for leaks but cannot catch every case — use environment variables and a secrets manager.
  • Rotate keys at least every 90 days.
  • Revoke a key immediately if you suspect it has leaked. Existing in-flight tasks finish; subsequent requests fail.
  • Scope per environment: mint separate keys for production, staging, and local development. Don’t share keys across them.