Skip to main content

Overview

AgentPowers uses Clerk for authentication. JWTs issued by Clerk are verified on every authenticated API request.

API Authentication

Include a Bearer token in the Authorization header:
curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  https://api.agentpowers.ai/v1/purchases

CLI Authentication

The CLI handles authentication automatically:
ap login
This opens your browser for OAuth sign-in. After authenticating, the token is stored locally at ~/.agentpowers/auth.json with restricted file permissions (0600).
ap whoami    # Check current session
ap logout    # Clear stored token

Plugin Authentication

The MCP plugin shares the same auth token stored by the CLI at ~/.agentpowers/auth.json. Login once with the CLI and the plugin picks it up automatically.

Public vs Authenticated Endpoints

EndpointAuth Required
GET /v1/skillsNo
GET /v1/skills/{slug}No
GET /v1/searchNo
GET /v1/categoriesNo
GET /v1/skills/{slug}/download (free)No
GET /v1/skills/{slug}/download (paid)Yes
POST /v1/skillsYes
POST /v1/checkoutYes
GET /v1/purchasesYes
POST /v1/installationsYes
POST /v1/sellers/connectYes

Rate Limits

TierLimit
Public reads60 requests/minute
Authenticated reads10 requests/minute
Write operations20 requests/minute
Rate limits are per IP for unauthenticated requests and per user for authenticated requests. Exceeding the limit returns 429 Too Many Requests.