---
title: API Tokens
description: Generate and use API tokens for direct Agnic access
---

# API Tokens

API tokens provide direct access to Agnic APIs without the OAuth2 flow. They're ideal for scripts, CI/CD pipelines, and AI agents.

## Creating a Token

1. Go to your [Agnic Dashboard](https://app.agnic.ai)
2. Click **Connect App**
3. Configure spending limits:
   - **Max per transaction**: Maximum USD for a single transaction
   - **Daily limit**: Total USD allowed per 24 hours
   - **Monthly limit**: Total USD allowed per 30 days
4. Select allowed **networks** (Base, Solana)
5. Add an optional **label**
6. Click **Generate Token**

<Callout type="warn">
  Your token is only shown once! Save it securely.
</Callout>

## Using Your Token

Include the token in the `X-Agnic-Token` header:

```bash
curl https://api.agnic.ai/api/balance \
  -H "X-Agnic-Token: agnic_tok_sk_live_abc123..."
```

## Token Format

Agnic tokens follow this format:

```
agnic_tok_sk_live_abc123def456...
```

| Part | Description |
|------|-------------|
| `agnic_tok` | Token type identifier |
| `sk` | Secret key indicator |
| `live` | Environment (live/test) |
| `abc123...` | Unique token hash |

## Environment Variables

Store your token in environment variables:

```bash
# .env
AGNIC_TOKEN=agnic_tok_sk_live_abc123...
```

```python
import os

token = os.environ.get('AGNIC_TOKEN')
```

## Managing Tokens

### List Tokens

View all your tokens in the dashboard. You can see:
- Token label
- Spending limits
- Created date
- Networks

### Revoke a Token

1. Go to your Dashboard
2. Find the token in the list
3. Click **Revoke**

<Callout type="warn">
  Revoking a token is immediate and cannot be undone. Any applications using the token will stop working.
</Callout>

## Spending Limits

Each token has three spending limits:

| Limit | Description | Resets |
|-------|-------------|--------|
| Per-transaction | Max for single transaction | Per request |
| Daily | Total per 24 hours | Rolling 24h |
| Monthly | Total per 30 days | Rolling 30d |

If a transaction would exceed any limit, the request returns a 402 error:

```json
{
  "error": "spending_limit_exceeded",
  "error_description": "Daily limit exceeded",
  "limit": "daily",
  "current": 9.50,
  "requested": 1.00,
  "max": 10.00
}
```

## Best Practices

1. **Use descriptive labels** - "Production API", "Dev Testing", etc.
2. **Set conservative limits** - Start low, increase as needed
3. **Use separate tokens** for different environments
4. **Rotate tokens periodically** for long-running applications
5. **Never commit tokens** to version control

## Example: Python Script

```python
import requests
import os

AGNIC_TOKEN = os.environ.get('AGNIC_TOKEN')
BASE_URL = 'https://api.agnic.ai'

def get_balance():
    response = requests.get(
        f'{BASE_URL}/api/balance',
        headers={'X-Agnic-Token': AGNIC_TOKEN}
    )
    return response.json()

def call_ai(prompt):
    response = requests.post(
        f'{BASE_URL}/v1/chat/completions',
        headers={
            'X-Agnic-Token': AGNIC_TOKEN,
            'Content-Type': 'application/json'
        },
        json={
            'model': 'openai/gpt-4o-mini',
            'messages': [{'role': 'user', 'content': prompt}]
        }
    )
    return response.json()

# Usage
balance = get_balance()
print(f"Balance: {balance['usdcBalance']} USDC")

result = call_ai("Explain quantum computing in one sentence")
print(result['choices'][0]['message']['content'])
```

## CLI Login

You can also generate a token directly from the command line using email OTP:

```bash
npx agnic auth login your@email.com
npx agnic auth verify <flowId> <otp-from-email>
```

The CLI stores the token locally at `~/.agnic/config.json`. See the [CLI reference](/docs/agnicpay-features/cli) for details.

## Next Steps

<Cards>
  <Card title="OAuth2 Integration" href="/docs/authentication/oauth2" />
  <Card title="Available Scopes" href="/docs/authentication/scopes" />
  <Card title="CLI Tool" href="/docs/agnicpay-features/cli" />
</Cards>