Skip to main content

Admin SDK

Use ContoAdmin for organization-level automation: provisioning agents, attaching wallets, assigning policies, and creating agent SDK keys. Use the regular Conto client for agent runtime payment calls.

Initialize

Create organization API keys from Settings > API Keys. Store them in a secret manager and use the smallest scope preset that can perform the job.

Provision an agent

This is the common backend setup flow:
The returned SDK key is shown once. Pass it to the agent runtime as CONTO_API_KEY.

Method map

Scopes

Admin SDK methods use organization API key scopes. Read methods need the matching *:read scope. Create, update, delete, link, assign, provision, freeze, and revoke methods need the matching *:write or admin scope. See Authentication for key creation and rotation.

Security notes

  • Organization keys can manage all agents and wallets in the organization.
  • Prefer scoped keys for CI and provisioning jobs.
  • Rotate keys regularly and revoke unused keys.
  • Billing plan changes require an owner dashboard session, not an organization API key.

Authentication

Key types, scopes, and rotation

Payments

Agent runtime payment calls

Policies

Policy types and evaluation behavior

API Reference

OpenAPI and REST reference links