> ## Documentation Index
> Fetch the complete documentation index at: https://authsome.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Generic Python agent

> Any Python script that calls third-party APIs. Run it under the proxy; drop to the library only when embedding.

The general pattern for any Python script that calls external APIs. No framework required.

## Run under the proxy

The script reads env vars normally; authsome injects the real values at the proxy layer.

```bash theme={null}
authsome login openai
authsome login github
authsome run -- python my_script.py
```

In the script:

```python theme={null}
import os
import httpx

# These look like real values to the script but are placeholders.
# Authsome's proxy substitutes the real secret on outbound requests.
key = os.environ["OPENAI_API_KEY"]
gh = os.environ["GITHUB_ACCESS_TOKEN"]

r = httpx.get("https://api.openai.com/v1/models", headers={"Authorization": f"Bearer {key}"})
print(r.json())

r = httpx.get("https://api.github.com/user", headers={"Authorization": f"Bearer {gh}"})
print(r.json())
```

No authsome import in the script. The proxy does the work. This is the recommended path for almost every script.

## Export when the proxy is not enough

When you need to pass tokens explicitly (TLS-pinned SDKs, non-HTTP protocols, or per-call connection selection):

```bash theme={null}
eval "$(authsome export openai --format env)"
eval "$(authsome export github --connection work --format env)"
python my_script.py
```

See [Python library](/reference/python-library) for the daemon HTTP API when building custom orchestration.

## When the proxy isn't enough

The export path is the right tool when:

* The SDK pins TLS certificates and refuses to trust the mitmproxy CA.
* You're using non-HTTP protocols (WebSockets, gRPC over HTTP/2, raw TCP) that the proxy can't intercept.
* You need to pick a different connection per call within the same process.
* You're embedding authsome inside a larger orchestrator with its own subprocess management.

Otherwise, the proxy is simpler.

## Multi-account

```bash theme={null}
authsome export github --connection personal --format env
authsome export github --connection work --format env
```

See [Multiple connections per provider](/guides/multiple-connections).

## What's next

<Columns cols={2}>
  <Card title="Python library" icon="code" href="/reference/python-library">
    Every part of the library surface.
  </Card>

  <Card title="Run agents with the proxy" icon="shield-halved" href="/guides/run-agents-with-proxy">
    The proxy injection model.
  </Card>
</Columns>
