Skip to main content
Authsome is a local credential broker for AI agents. The space it competes with is crowded with tools that solve adjacent but different problems. This page is an honest comparison so you can pick the right one.

At a glance

AuthsomeHardcoded .envSaaS secrets manager (Vault, Doppler, 1Password)DIY auth code
Automatic OAuth2 refreshYesNoNo (stores values, doesn’t run flows)Build it
Built-in OAuth2 + API-key flowsYesNoNoBuild it
Headless agent runtimeYesYesYesVaries
Local, no SaaS dependencyYesYesNoYes
Built-in providers, zero configYes (see bundled providers list)NoneNoneNone
Multi-account per providerYesNo (one env per key)SometimesBuild it
Encrypted at restYes (AES-256-GCM)No (plaintext file)YesVaries
Secrets out of child envYes (proxy injection)NoNoBuild it
Per-account scoping (vaults)YesNoPer-tenantBuild it
Auditable action logYes (SQLite DB)NoYesBuild it

Hardcoded environment tokens (.env, shell exports)

The default state for most projects: a .env file or shell config with OPENAI_API_KEY=... lines. Where it wins. Zero infrastructure. Works everywhere. No new mental model. Where it loses.
  • Tokens are plaintext on disk, in shell history, in ps, in /proc/<pid>/environ, in subprocess env inheritance.
  • OAuth refresh tokens require manual handling: build a refresh loop or accept periodic re-authentication.
  • One key per project leads to credential sprawl as the number of services grows.
  • Rotation is manual. Compromise blast radius is unbounded because the token has no expiry and nothing watches it.
Use this if. You have a single service, a single agent, and an OK threat model. Don’t use it for OAuth2 services that issue refresh tokens.

SaaS secrets managers (HashiCorp Vault, Doppler, 1Password Secrets Automation, AWS Secrets Manager)

Centralized secret storage in a cloud (or self-hosted) service. Pull secrets at runtime by name. Where they win. Centralized rotation, role-based access control, audit trails, hardware-backed key management on the enterprise tier, integration with CI/CD platforms. Where they lose for agent workflows.
  • They store values; they don’t run OAuth flows. You still have to do the OAuth dance yourself, then put the resulting tokens in the manager. Refresh is your problem.
  • Each agent needs network access to the manager. Local-first is not the design.
  • Latency hits every agent invocation. Authsome’s vault is on the same disk.
  • License cost grows with team size. Authsome is free.
  • The trust boundary is the manager’s network. If the agent runs on a laptop and the manager is in your cloud, that’s a network hop with all the failure modes.
Use these if. You’re managing infrastructure secrets for production services in production. Don’t use them as the primary credential broker for desktop agent workflows.

OS keychains (Keychain, libsecret, Credential Manager)

The macOS, Linux, and Windows keychains. Store secrets in the OS, retrieve programmatically. Where they win. Native, well-trusted, hardware-backed on modern OSes. Where they lose.
  • No OAuth flow runner. They store strings.
  • No provider model. Every consumer rolls its own naming convention.
  • No refresh. No expiry tracking. No multi-account semantics.
  • Headless server use is awkward. Linux without a graphical session often has no usable keychain backend.
Note. Authsome can use the OS keychain as a backend for its master key when encryption.mode = "keyring". The keychain holds one secret (the master key); authsome holds the rest. See Encryption at rest.

DIY auth code

Write your own OAuth client, token cache, and refresh loop in every project. Where it wins. Maximum control. No external dependency. Fits exactly your shape. Where it loses.
  • You write the same code in every project.
  • Edge cases (token revocation mid-flow, refresh-token expiry, provider clock skew, PKCE state, device code polling intervals) are easy to get wrong.
  • Security review burden is on you. Mistakes leak credentials.
  • No standard place for other tools to find your credentials.
Use this if. You have a single provider with an unusual flow that authsome doesn’t model and likely won’t. Otherwise, register it as a custom provider and let authsome run it.

Other local credential brokers

There are a handful of credential-management tools in adjacent spaces. Worth a quick honest comparison:
  • pass, gopass. Excellent password managers. No OAuth flow runner. Treat them like a keychain.
  • aws-vault, awsume. Specific to AWS. Authsome is general-purpose.
  • OAuth2 client libraries (httpx-oauth, authlib). Building blocks, not a complete broker. They’re what authsome uses internally.
  • onecli / OneCLI. Closest comparison: also an open-source credential vault for AI agents. Different design choices around hosting, dashboard, and the policy layer.

Authsome vs other agent credential brokers

For teams deciding between open-source agent credential brokers, the useful comparison is less “who has OAuth?” and more “which operating model fits your agents, team, and deployment?”
AuthsomeOneCLIAgent Vault
Core modelProvider-centric credential broker for OAuth, API keys, and browser credentialsDashboard-backed gateway for project/org-scoped secrets and app connectionsVault-scoped credential proxy with user/agent grants and proposal workflow
Runtime deliveryProxy resolves the matching provider and injects auth headers at request timeGateway swaps placeholders and injects credentials into matching outbound requestsMITM proxy attaches credentials through vault service rules
OAuth token lifecycle supportYes: PKCE, device code, DCR, callback/token exchange, and refresh handlingYes: OAuth app connections, callback/token exchange, and refresh-aware credentials where supported by the app definitionYes: OAuth credential type with connect, token paste/import, and refresh handling
Default client-app ergonomicsBundled provider definitions; DCR-capable providers can avoid manual app setup, while other OAuth providers use your client app credentialsApp registry with configurable OAuth app credentials and environment/default resolution pathsProvider URL presets help fill OAuth endpoints; operators typically supply client credentials or paste/import existing tokens
API-key workflowsYesYesYes
Bundled provider / app registryYes: provider definitionsYes: app/integration registry with OAuth, API-key, and import methodsService + credential model rather than a fixed app registry
Beyond auth-header injectionFocuses on provider-routed auth injection and token lifecycleSupports gateway injection plus credential stubs for some tool bootstrapping workflowsSupports service-scoped placeholders in paths, query strings, headers, bodies, and WebSocket frames
Main deployment postureLocal-first CLI + daemon, with server components available for shared setupsWeb dashboard/API + Rust gateway + Postgres, commonly run through Docker/local modeSingle Go binary or container running API/UI + MITM proxy, often deployed as a separate broker host
Team / multi-userPrincipals, identity claims, per-principal vaults, admin/user roles, and multi-account provider connectionsOrg/project/team model with web UI, agents, policy rules, audit/request logs, and scoped secrets/app connectionsMulti-user instance and vault model with users, agents, instance roles, vault roles, and proposal approvals

OAuth nuance that is easy to miss

A binary “OAuth: yes/no” row is usually misleading. A better split is:
  1. OAuth protocol support: can it do authorize/callback/token exchange/refresh?
  2. Client app ergonomics: how are OAuth client apps supplied, resolved, or overridden?
All three can support OAuth token lifecycles. Where they differ is the client-app, provider, and operator model:
  • Authsome emphasizes reusable provider definitions and flow handling as first-class concepts.
  • OneCLI emphasizes app connections, gateway policy context, and app credential resolution from project config or defaults.
  • Agent Vault emphasizes vault-scoped credentials/services, approval workflows, and flexible service rules.

When to choose each

Choose Authsome when

  • You want OAuth-heavy agent workflows with provider-centric login and token lifecycle handling.
  • You want a local-first CLI/daemon flow for developer machines, with room to grow into shared setups.
  • You want one broker that handles API-key and OAuth flows under the same provider model.

Choose OneCLI when

  • You want a dashboard-first, team-oriented deployment with org/project abstractions.
  • You want a Rust gateway with web-managed agents, app connections, policies, and request logs.
  • You prefer operations centered around a web dashboard and Postgres-backed service.

Choose Agent Vault when

  • You want a single-binary control plane + MITM runtime with explicit vault/user/agent roles.
  • You want proposal-based access expansion and strong vault-level governance workflows.
  • You want static, OAuth, external-store, and dynamic credential strategies in one vault model.

Caveats for fair comparisons

  • Feature names differ across tools (provider, app, service, credential) and are not one-to-one.
  • Deployment shape matters as much as features (local-first vs multi-user service footprint).
  • OAuth support does not always mean zero setup: client app requirements vary by provider, integration, and deployment policy.

When authsome is the right tool

You want all of:
  • A single command (authsome login <provider>) to handle the OAuth flow correctly.
  • Refresh that happens silently so agents always get a valid token.
  • Credentials never appearing in the agent’s environment or shell history.
  • A local-first model with no SaaS dependency.
  • Multi-account scoping for personal vs work credentials.
  • A standard place every agent on the machine looks for credentials.
You’re fine with the v1 trust model: the local machine and user account are trusted relative to remote services. See Threat model.

When authsome is not the right tool

  • You need centralized cloud-managed secrets across a fleet of production servers with strict compliance requirements. Use a SaaS secrets manager.
  • The only credential you care about is one short-lived API key in CI. A .env file plus a CI secret store is enough.
  • You’re managing infrastructure-as-code secrets (database passwords, TLS certs). That’s not the agent space.
  • You’re operating in an environment that prohibits the mitmproxy CA and you can’t use the env-export fallback. Authsome’s proxy needs CA trust.

What’s next

Quickstart

Five minutes to a working agent with injected credentials.

Threat model

What authsome’s trust assumptions are.

Architecture

The layered model and what each layer owns.

Roadmap

What’s coming.