Create a new agent for machine-to-machine access
The agent authenticates by exchanging an API key for a short-lived JWT.
Token Scoping
Restrict which vaults this agent can access and how long its tokens last.
When enabled, this agent can sign and submit on-chain transactions via the Intents API and is blocked from reading private key or SSH key secrets directly. This is a privileged capability — only enable it if this agent needs to initiate financial transactions.
Route this agent's LLM requests through Shroud for secret redaction, PII scrubbing, prompt injection defense, and policy enforcement inside the TEE.