PermitPipe
Launch Dashboard

Temporary credentials for autonomous agents.

PermitPipe gives AI agents scoped, revocable API access without exposing permanent keys. Create short-lived leases, enforce policies, proxy requests, and audit every action.

Launch DashboardView Docs

Built for developers connecting agents to real tools, APIs, and infrastructure.

lease · DevAgent → GitHub
approved
AgentDevAgent
ServiceGitHub
Duration30 minutes
Allowed scopes
repo.readissues.comment
Blocked scopes
repo.deletesecrets.readpull_request.merge
Proxy endpoint/api/proxy/lease_8f2c…

Leases credentials for

GitHubSlackSupabaseStripeOpenAIAnthropicHeliusCustom APIs

The problem

Agents should not hold permanent keys.

Autonomous agents need access to APIs, databases, billing systems, repositories, and internal tools. Permanent API keys are long-lived, over-scoped, hard to audit, and dangerous when exposed through logs, prompts, or compromised agent environments.

The solution

Lease access per task.

PermitPipe lets agents request temporary credentials for a specific service, scope, and duration. Policies decide whether the lease is approved, denied, or escalated for human review.

How it works

From master key to audited request.

01

Connect a service credential

Store a master key once. It is encrypted at rest and never exposed to an agent.

02

Define access policies

Set scope, duration, and approval rules per service and per agent.

03

Issue scoped leases

Agents request short-lived credentials for a specific task and scope.

04

Proxy and audit every request

Requests are proxied through PermitPipe, enforced against policy, and logged.

Capabilities

Everything needed to lease credentials safely.

Temporary API leases

Credentials that exist only for the task and expire on a hard TTL.

Scoped permissions

Grant the minimum scopes a task needs — nothing more.

Automatic expiration

Every lease has a deadline. No lingering long-lived keys.

Human approval rules

Route sensitive scopes to a person before access is granted.

Request proxying

The agent calls a proxy endpoint; the master key stays server-side.

Full audit logs

Every proxied request is recorded with scope and policy result.

Dangerous scope blocking

Delete, admin, and secrets scopes are denied by default.

Phantom billing

Prepaid USDC/SOL credits settled through Phantom on Solana.

PERMIT utility layer

Staking, fee discounts, and verified integration templates.

Example lease

A lease is a small, explicit contract.

Each request resolves to allowed scopes, blocked scopes, a duration, and a decision. The agent receives a proxy endpoint — never the underlying key.

POST /v1/leases approved
{
  "agent": "DevAgent",
  "service": "GitHub",
  "duration": "30 minutes",
  "allowed_scopes": ["repo.read", "issues.comment"],
  "blocked_scopes": ["repo.delete", "secrets.read", "pull_request.merge"],
  "status": "approved"
}
Block secrets access by default
Require approval for billing actions
Deny destructive scopes
Limit lease duration
Restrict production database writes
Revoke all leases instantly

Policy engine

Policies before permissions.

Every request is evaluated against your rules before any credential is issued. Dangerous scopes are blocked by default, sensitive actions require approval, and a single control revokes everything at once.

Billing

Simple billing through Phantom.

PermitPipe uses Phantom for USDC/SOL payments. Buy prepaid credits, renew plans manually, and apply PERMIT-based fee discounts — without making PERMIT the primary payment token. No automatic recurring charges.

Token utility

PERMIT powers the network layer.

PERMIT is used for relay staking, developer fee discounts, verified integration templates, reputation, and security incentives. It is not required for basic usage and is not an investment.

Stop handing agents permanent keys.

Issue scoped, revocable leases and audit every request your agents make.

Launch DashboardView Docs