# Give an AI agent its own identity

Let an AI agent deploy and operate your apps without handing it your login. On Tokay, agents are first class citizens. The agent joins your Workspace with only the capabilities you select and works under its own name. And anything it does by mistake, you can undo.

## The agent works under its own name

You can create credentials for an agent instead of sharing your own, which is safer for you and clearer for everyone reviewing the work later. You add the agent to the Workspace the way you add a person, give it a display name and the Project and repository roles you choose, and everything else stays out of its reach.

It is good security posture to require that every agent has an identity with an owner and a lifecycle instead of a borrowed credential. On Tokay that comes built in rather than as a second product to integrate.

## You select every capability the agent has

You never have to wonder what the agent can do, because you selected each capability yourself. The token is just those selections, things like reading status, reading logs, deploying, or writing secret values. Tokay checks both the membership and the token on every request, so removing either one changes what the very next call can do.

When a request falls outside the selections, the denial names the missing capability, so you know what to change. You do not have to trust the agent to stay in its lane, because Tokay keeps it there.

Tokay even lets the agent mint scoped tokens for its own subagents (if you grant it that ability), so each one gets only what it needs, capped by what you gave the agent.

## Revoking access is instant

As soon as you revoke a token, you can be sure access is removed immediately. The token value is shown exactly once, at creation, and you can set an expiry when the job has a natural end. Offboarding the agent works like removing a person. Memberships and tokens end together.

## Every action has a name on it

When something changes overnight, you won't get blamed for something an agent did pretending it was you. Every action the agent takes is recorded under its own identity and credential, separate from yours.

Your secrets stay out of the agent's context and logs. A value the agent stores cannot be read back through the API. Tokay delivers it only to the running Service.

## A mistake stays a small mistake

You never need to panic, because any mistake an agent makes can be undone. Health checks prevent the agent from deploying broken code, and anything the agent deletes can be restored for 30 days. If Tokay detects a potentially destructive database migration, the agent is blocked until a human confirms it. See [let an AI agent deploy with limited permissions](let-an-ai-agent-deploy-safely.md) for the full deploy workflow.

## Point your agent at the protocol

Setup is one screen or one API call. Create the agent from Workspace settings, select its capabilities, and hand the token to the tool that needs it. The exact operations and recovery branches are published at [app.tokay.io/llms.txt](https://app.tokay.io/llms.txt).

Tokay has a very generous free tier with no credit card. [Get started](/getting-started).
