Keychains.dev provides secure credential delegation for AI agents, enabling them to access any API without leaking sensitive credentials. The platform serves as a credential layer for the agentic web, allowing users to stay in control while agents get the API access they need.

Keychains functions as a drop-in replacement for curl using 'keychains curl' commands where hard-coded credentials are replaced with template variables like {{GITHUB_TOKEN}} or {{STRIPE_PRIVATE_KEY}}. The system supports thousands of API providers including OAuth, API keys, and basic auth authentication methods. Users can create scoped delegate tokens for sub-agents with only necessary permissions or blank tokens requiring fresh user approval.

The system works by injecting credentials server-side so agents never see raw secrets, making it immune to prompt injection by design. When new API scopes are needed, users see exactly what the agent wants to do and approve with one click. The platform uses SSH keypairs for machine authentication instead of passwords or API keys in agent environments.

Benefits include protection against credential leakage through prompt injection attacks, full user consent flows for each permission, instant revocation capabilities, and the ability to delegate work safely to sub-agents. Users maintain visibility into every permission granted with a complete audit trail.

The product targets developers and organizations working with AI agents that need secure API access. It integrates with over 11,000 API providers and uses SSH-based machine identity with stateful fingerprinting that invalidates leaked keys on first use.