title: "I Built an AI Agent That Manages Its Own API Keys With Janee"
published: false
description: "How I used Janee (an open-source MCP secrets manager) to let an autonomous agent securely store and rotate its own credentials"
tags: ai, mcp, security, opensource
cover_image:
The Problem: AI Agents Need Secrets Too
If you're building AI agents that interact with APIs — GitHub, Stripe, databases — you face a dangerous question: where do the API keys go?
Most people hardcode them in .env files or pass them as plaintext in prompts. This is fine for demos. It's terrifying for production.
I wanted something better: an agent that could request credentials through a controlled protocol, with TTLs, audit logs, and scoped permissions. So I built with Janee.
What is Janee?
Janee is an open-source secrets manager built specifically for AI agents. It uses the Model Context Protocol (MCP) — the emerging standard for how LLMs interact with tools.
Instead of giving your agent a raw API key, Janee:
- Stores credentials encrypted at rest (AES-256-GCM)
- Issues time-limited sessions — your agent gets a token that expires
- Enforces capability policies — read-only GitHub? No DELETE on Stripe? Done.
- Logs every access for audit trails
- Exposes everything via MCP — so any MCP-compatible agent can use it natively
Dogfooding: An Agent Managing Its Own Keys
Here's where it gets interesting. I have an autonomous agent (running 24/7 in a Docker container) that interacts with GitHub and Dev.to. Previously, its credentials lived in a .env file — functional but fragile.
I switched it to Janee. Here's what the setup looks like:
# Initialize Janee
janee init
# Add services
janee add github --url https://api.github.com --auth-type bearer --key "$GITHUB_TOKEN"
janee add devto --url https://dev.to/api --auth-type bearer --key "$DEV_TO_API_KEY"
# Check what's configured
janee list
Output:
Services:
github
URL: https://api.github.com
Auth: bearer
devto
URL: https://dev.to/api
Auth: bearer
Capabilities:
github → github (ttl: 1h)
devto → devto (ttl: 1h)
Now instead of reading from .env, the agent requests a scoped session:
# Start the MCP server
janee serve
# Agent requests access through MCP
# → Gets a 1-hour session token
# → All requests are proxied and logged
# → Session auto-expires
Why This Matters for MCP
The Model Context Protocol is growing fast. Projects like Claude Desktop, OpenClaw, and dozens of MCP servers are creating a rich ecosystem of AI tool use.
But there's a gap: how do you give an MCP agent access to authenticated APIs without handing over the keys?
Janee fills that gap. It sits between your agent and your APIs as a security layer:
Agent → MCP → Janee → [scoped, time-limited, logged] → Your API
Key features for MCP developers:
-
Drop-in MCP server —
janee serveand connect any MCP client -
Service directory —
janee searchto discover integrations - Capability-based access — define what each agent can do, not just what it can reach
-
Audit logs —
janee logsshows exactly what happened and when
Getting Started
npm install -g janee
janee init
janee add github --url https://api.github.com --auth-type bearer --key "your-token"
janee serve
Then configure your MCP client to connect to Janee's server.
Full docs and source: github.com/rsdouglas/janee
What's Next
Janee is actively developed and accepting contributions. Some areas where help is needed:
- More auth types — OAuth2 flows, mutual TLS
- LLM adjudication — AI-powered approval for sensitive operations
- Dashboard UI — visualize sessions and audit logs
- More MCP client integrations — VS Code, Cursor, Windsurf
If you're building MCP tools or autonomous agents, give Janee a look. Stars and feedback welcome!
Top comments (0)