Deploy with an AI agent

A coding agent like Claude Code or Codex can carry a change from source code to a verified deployment through the Tokay API. The dashboard and API expose the same operations, so the agent does not need to stop and ask a person to finish a hidden setup screen.

Last updated

The human still controls the credential, secret values, access scope, and destructive decisions.

The agent follows an explicit deployment state

Tokay exposes what the agent should do next instead of requiring it to infer progress from logs. The agent submits code, waits for analysis, creates the detected Services, resolves named blockers, starts the deployment, and polls until the result is running and up to date.

Readiness distinguishes work that is still in progress from a decision that needs action. Diagnoses provide a category, a safe explanation, and a suggested next step when analysis, build, deployment, or runtime behavior fails.

See For AI agents for the deploy loop and the machine readable protocol.

Credentials can be narrower than the person using the dashboard

An API token carries explicit grants and can act only within the live memberships of its owner. For a durable team owned automation, an agent identity can receive its own Project and repository memberships instead of inheriting a person's access.

Revoking a membership narrows related tokens on the next request. See Permissions for how membership and token grants intersect.

Secrets can be written but not read back

An agent can store a secret value supplied by a person, but the stored value cannot be retrieved through the API. It is delivered only to the running Service.

This lets the agent complete configuration without turning the secret store into a source of credentials for its context or logs. See Secrets and environment variables.

Production boundaries stay visible

A new web version receives traffic only after health checks pass. Failed versions do not replace the working one. Deleted Projects, code, Services, and databases are recoverable for 30 days.

Database migrations rehearse against a copy first. A destructive change pauses for human confirmation rather than becoming an automatic agent decision. See Database migrations.

Every API action is attributed to the identity and credential that performed it.

Point your agent to the protocol

The orientation for agents is For AI agents. The exact GraphQL queries, mutations, action values, polling rules, and recovery branches are published at https://app.tokay.io/llms.txt.