API Keys Are Dead (For Agents)

API keys have been the standard authentication mechanism for web APIs for 20 years. They're not going away for human developers — but they're completely wrong for AI agents.

Here's why, and what the alternative looks like.

The API Key Model Assumes a Human

When you sign up for a weather API, the flow is:

1. Create an account
2. Verify your email
3. Enter a credit card
4. Generate an API key
5. Store the key somewhere secure
6. Rotate it every 90 days
7. Monitor usage and manage billing alerts

Every step of this assumes a human. An AI agent can't sign up for an account, verify an email, or enter a credit card. It can't remember to rotate keys or respond to billing alerts.

You can work around this by pre-configuring API keys for your agent — but then the agent can only use the APIs you've set up in advance. It can't discover and call a new API mid-task without human intervention.

What "Agentic" Actually Means

The word gets overused, but there's a real distinction: an agentic system acts on goals, not just instructions.

If you tell an agent to "research competitors and summarize pricing," a truly agentic system should be able to:

• Decide it needs live pricing data
• Find an API that provides it
• Pay for the data
• Use it
• Move on

The bottleneck today is step 3. Agents can reason, plan, and execute — but they can't acquire new data capabilities on the fly without human setup.

API keys are that bottleneck.

Wallets Are Better Identity

A crypto wallet is a better identity primitive for agents than an API key, for one reason: it's both identity and payment in one.

When an agent has a wallet:

• It can prove who it is (sign a message)
• It can pay for what it needs (send USDC)
• It can do both atomically, in a single HTTP request

No account. No billing relationship. No pre-registration. The wallet address is the agent's identity on every API it calls.

This is the x402 model. The agent sends a micropayment (typically $0.001–$0.10 USDC) inline with the API request. The server verifies the on-chain payment and returns the result. The whole thing happens in the time it takes to settle a Base transaction — about 2 seconds.

The Economics Work

Micropayments have historically failed because transaction fees ate the payment. Sending $0.001 when gas costs $0.01 is not viable.

Base changes that. Gas on Base costs fractions of a cent. A $0.001 USDC payment on Base is actually $0.001 — not $0.001 plus $0.01 in fees.

This makes true micropayments viable for the first time. An agent can call 1,000 APIs for $1. At that price point, agents can afford to explore, experiment, and use data liberally — the same way humans browse the web.

What Changes

For API providers: you can list on an agent marketplace with no auth system required. If a request includes a valid x402 payment, serve it. The marketplace handles discovery, billing aggregation, and abuse prevention.

For agent builders: your agent can call any listed API without pre-configuration. Fund the agent wallet with USDC once, and it can discover and use new data sources as the task demands.

For the ecosystem: API capabilities become composable at runtime, not compile time. Agents can assemble the data stack they need for a specific task, pay for exactly what they use, and move on.

Where We Are

x402 is a new protocol — the infrastructure is still being built. But the pieces are in place: Base is live and cheap, USDC is widely available, and the HTTP 402 spec has been waiting unused for 30 years.

Proxagora is the discovery and marketplace layer on top of x402. The goal is to make the full catalogue of the web's APIs available to any agent, without any human setup required.

If you're building agents, explore the catalogue or read the x402 protocol docs.