Skip to sign up

Stop giving agents your production keys.

One leaked process holding a real sk_live_ key gives an attacker your full blast radius. Every endpoint, every method, no kill switch to reach for. Vault the credential once and Vertex brokers each agent a short-lived token scoped to exactly what it should be touching. The real key never leaves the vault.

Before Vertex, the agent sends the request with a real provider key in the Authorization header. After Vertex, the same request is brokered through api.vertex.blue with a short-lived Bearer vtx_session_ token, scoped to charges:write, POST only, and a 600-second TTL. The request returns 200, and the real key never leaves the vault.
Business plan·$99/mo

Control for the agentic era

Sign up with Google, connect a provider, and broker your agents’ first scoped token. No key rotation, nothing to rip out and replace.

  • No real keys in agentsVault the provider secret once. It never reaches a running process.
  • Scoped vtx_session_ tokenEach agent gets a short-lived token, allowlisted by domain and method.
  • Revoke in one clickKill a session the moment you need to. Nothing downstream to rotate.
Already have access? Sign in