Skip to main content

Overview

Auth profiles let you configure multiple API keys, subscriptions, and provider accounts. ArgentOS automatically rotates between profiles when one hits rate limits or quota caps, ensuring your agent stays online.

How Auth Profiles Work

Each profile is a named entry with a provider, authentication credentials, and optional metadata: 
{
  "anthropic:titanium": {
    "provider": "anthropic",
    "type": "setup-token",
    "token": "sk-ant-oat01-...",
    "label": "Titanium Computing Max Sub"
  },
  "anthropic:webdevtoday": {
    "provider": "anthropic",
    "type": "setup-token",
    "token": "sk-ant-oat01-...",
    "label": "WebDevToday Max Sub"
  },
  "minimax:coding-plan": {
    "provider": "minimax",
    "type": "api-key",
    "token": "sk-cp-...",
    "label": "MiniMax Coding Plan"
  }
}

Profile Location

~/.argentos/agents/main/agent/auth-profiles.json

Auth Types

Generated from Anthropic Max subscriptions via claude setup-token. These bill against the subscription’s weekly quota.
claude setup-token
# Generates: sk-ant-oat01-...

Auth Resolution Priority

When the agent makes an API call:
  1. Auth profiles are checked first (setup tokens from Max subscriptions)
  2. Environment variables are the fallback (ANTHROPIC_API_KEY, etc.)
Auth profiles take precedence over any API keys set in your environment.

Adding Profiles

argent setup
The setup wizard walks through adding new profiles.

Rotation and Cooldown

When a profile hits a rate limit or quota cap:
1

Cooldown

The profile enters a cooldown period (exponential backoff).
2

Next profile

The next profile for the same provider is tried.
3

Alternative providers

If all profiles for a provider are in cooldown, the model router tries alternative providers.
See Failover for details on the rotation algorithm.

Security

  • Auth profiles are stored locally and never transmitted
  • Tokens are written to a file readable only by the current user
  • Do not commit auth-profiles.json to version control