Why API security matters
AI agents access your systems via API credentials. If those credentials are compromised, an attacker can access customer data, delete records, or execute unauthorized actions. Poor API security creates data breach risk, compliance violations, and financial loss.
Securing API access means granting minimum permissions, using the right authentication method, rotating credentials regularly, and monitoring for unauthorized access. Treat agent credentials with the same rigor as employee passwords.
Security implementation
1. Grant minimum scoped permissions
Start with read-only access. Add write permissions workflow by workflow. Never grant admin, owner, or delete permissions unless absolutely required. If delete permissions are required, gate all delete actions with human approval.
Use OAuth scopes to limit what the agent can access. For example, a Salesforce lead routing agent only needs read access to leads and write access to the lead owner field. It does not need access to opportunities, accounts, or admin settings.
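The scoping rule above, applied in code as an added example (not code from the original page or from any vendor): a per-agent policy that lists exactly which objects, actions and fields an agent may touch, and that refuses delete actions unless a human approval flag is present. The agent name, the object and field names (`lead`, `owner`) and the scope structure are assumptions for illustration; real OAuth scope strings differ per SaaS platform.

```python
"""Minimum-scope permission policy for an AI agent (added example, assumed names)."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Scope:
    obj: str                      # object type, e.g. "lead"
    action: str                   # "read" | "write" | "delete"
    fields: frozenset = frozenset()  # for "write": allowed fields; empty = any field


@dataclass
class AgentPolicy:
    agent: str
    scopes: list
    # Actions that always require a human approval gate, even when in scope.
    approval_required: set = field(default_factory=lambda: {"delete"})

    def check(self, obj, action, field_name=None, approved=False):
        """Return (allowed, reason) for one attempted API action."""
        matching = [s for s in self.scopes if s.obj == obj and s.action == action]
        if not matching:
            return False, f"{self.agent}: no {action} scope on {obj}"
        scope = matching[0]
        if action == "write" and scope.fields and field_name not in scope.fields:
            return False, f"{self.agent}: write to {obj}.{field_name} not in scope"
        if action in self.approval_required and not approved:
            return False, f"{self.agent}: {action} on {obj} requires human approval"
        return True, "ok"


# The lead-routing agent from the text: read leads, write only the owner field.
# (Assumed names; the scope granted to a real agent is platform specific.)
LEAD_ROUTER = AgentPolicy(
    agent="lead-routing-agent",
    scopes=[
        Scope("lead", "read"),
        Scope("lead", "write", frozenset({"owner"})),
    ],
)

# A cleanup agent that legitimately needs delete, gated behind approval.
CLEANUP_AGENT = AgentPolicy(
    agent="lead-cleanup-agent",
    scopes=[Scope("lead", "read"), Scope("lead", "delete")],
)


if __name__ == "__main__":
    for args in [("lead", "read"), ("lead", "write", "owner"),
                 ("lead", "write", "email"), ("opportunity", "read"),
                 ("lead", "delete")]:
        print(args, "->", LEAD_ROUTER.check(*args))
    print("delete, no approval ->", CLEANUP_AGENT.check("lead", "delete"))
    print("delete, approved    ->", CLEANUP_AGENT.check("lead", "delete", approved=True))
```

The policy object is evaluated before every outbound API call, so an agent that drifts into territory it was never scoped for (opportunities, or any lead field other than the owner) is stopped at the boundary rather than relying on the remote system to refuse.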
2. Use OAuth 2.0 instead of API keys
For SaaS tools that support OAuth (Salesforce, Slack, Zendesk), use OAuth instead of API keys. OAuth provides automatic token refresh, granular scopes, and easier revocation. API keys are static and harder to rotate safely.
3. Rotate credentials every 90 days
Rotate API keys every 90 days. OAuth tokens refresh automatically. Document the rotation schedule and automate it where possible. Do not use the same API key for multiple agents. Use separate credentials per agent for better auditing and easier revocation.
4. Implement rate limiting
Set rate limits for each agent to prevent runaway API usage. A misconfigured trigger or infinite loop can cause an agent to make thousands of API calls in minutes, hitting rate limits or racking up costs. Rate limits provide a safety net.
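A per-agent token-bucket limiter as an added example (not code from the original page): each agent gets its own bucket, a runaway loop burns through the burst allowance and is then throttled at the refill rate, and the denial count per agent is exposed so it can feed the alerting described later. The capacity, refill rate and agent ids are assumptions; the fake clock exists only to make the simulation deterministic.

```python
"""Per-agent token-bucket rate limiter (added example, assumed limits)."""
import time
from collections import Counter


class AgentRateLimiter:
    def __init__(self, capacity, refill_per_sec, clock=time.monotonic):
        self.capacity = capacity          # burst allowance per agent
        self.refill = refill_per_sec      # sustained calls per second per agent
        self.clock = clock
        self._buckets = {}                # agent -> (tokens, last_timestamp)
        self.denied = Counter()           # agent -> number of throttled calls

    def allow(self, agent):
        """Consume one token for `agent`; False means the call must be throttled."""
        now = self.clock()
        tokens, last = self._buckets.get(agent, (float(self.capacity), now))
        tokens = min(float(self.capacity), tokens + (now - last) * self.refill)
        if tokens >= 1.0:
            self._buckets[agent] = (tokens - 1.0, now)
            return True
        self._buckets[agent] = (tokens, now)
        self.denied[agent] += 1
        return False


class FakeClock:
    """Deterministic clock so the simulation below is reproducible."""
    def __init__(self):
        self.t = 0.0

    def __call__(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


def simulate_runaway(n_calls, capacity=60, refill_per_sec=1.0):
    """Constructed scenario: an agent stuck in a loop fires n_calls at once.

    Returns (allowed_immediately, allowed_after_30s, denied_total).
    """
    clock = FakeClock()
    limiter = AgentRateLimiter(capacity, refill_per_sec, clock=clock)
    agent = "ticket-triage-agent"  # assumed agent id
    first_burst = sum(limiter.allow(agent) for _ in range(n_calls))
    clock.advance(30.0)            # refill 30 tokens at 1/s
    second_burst = sum(limiter.allow(agent) for _ in range(n_calls))
    return first_burst, second_burst, limiter.denied[agent]


if __name__ == "__main__":
    print(simulate_runaway(1000))  # (60, 30, 1910)
```

Buckets are keyed by agent, which is only meaningful when each agent has its own credential: if several agents share one API key, the upstream provider sees a single caller and a loop in one agent starves the others.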
5. Use IP allowlisting where possible
If your systems support IP allowlisting, restrict agent API access to known IP addresses. This adds an extra layer of security. If credentials are leaked, they cannot be used from unauthorized locations.
6. Monitor for unauthorized access
Monitor API access logs for unusual patterns. Spikes in API calls, access from unexpected IP addresses, or failed authentication attempts may signal compromised credentials. Set up alerts for these patterns.
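The three signals named above (call spikes, unexpected source IPs, failed authentication), implemented as detection logic over constructed sample log lines as an added example, not code from the original page. The log format, agent ids, IP addresses and thresholds are assumptions; real access logs will need their own parser.

```python
"""Detect compromised-credential signals in API access logs (added example)."""
import csv
import io
from collections import Counter

# Assumed per-agent IP allowlist (see the IP allowlisting section).
ALLOWED_IPS = {
    "lead-router": {"203.0.113.10"},
    "ticket-triage": {"203.0.113.11"},
}


def build_sample_log():
    """Constructed sample log (not real data): CSV with one API call per row."""
    rows = ["timestamp,agent,source_ip,endpoint,status"]
    for s in (1, 15, 42):  # normal lead-router traffic
        rows.append(f"2024-05-01T10:00:{s:02d}Z,lead-router,203.0.113.10,/leads,200")
    # lead-router credential used from an address outside its allowlist
    rows.append("2024-05-01T10:01:03Z,lead-router,198.51.100.7,/leads,200")
    for s in range(4):     # repeated authentication failures
        rows.append(f"2024-05-01T10:02:{s:02d}Z,ticket-triage,203.0.113.11,/tickets,401")
    for s in range(25):    # runaway loop: 25 calls inside one minute
        rows.append(f"2024-05-01T10:05:{s:02d}Z,ticket-triage,203.0.113.11,/tickets,200")
    return "\n".join(rows)


def parse(log_text):
    return list(csv.DictReader(io.StringIO(log_text)))


def detect(events, allowed_ips, spike_threshold=20, failed_auth_threshold=3):
    """Return a list of alert tuples for the three patterns named in the text."""
    per_minute = Counter()     # (agent, minute) -> calls
    failed_auth = Counter()    # agent -> 401 responses
    seen_bad_ips = set()
    alerts = []
    for e in events:
        agent = e["agent"]
        minute = e["timestamp"][:16]  # "YYYY-MM-DDTHH:MM"
        per_minute[(agent, minute)] += 1
        ip = e["source_ip"]
        if ip not in allowed_ips.get(agent, set()) and (agent, ip) not in seen_bad_ips:
            seen_bad_ips.add((agent, ip))
            alerts.append(("unexpected_ip", agent, ip))
        if e["status"] == "401":
            failed_auth[agent] += 1
    for (agent, minute), n in sorted(per_minute.items()):
        if n > spike_threshold:
            alerts.append(("spike", agent, minute, n))
    for agent, n in sorted(failed_auth.items()):
        if n >= failed_auth_threshold:
            alerts.append(("failed_auth", agent, n))
    return alerts


if __name__ == "__main__":
    for alert in detect(parse(build_sample_log()), ALLOWED_IPS):
        print(alert)
```

Because the allowlist and the thresholds are keyed per agent, each alert already names the single credential to revoke, which is the payoff of the one-credential-per-agent rule: a spike or stray IP on a shared key would give you no way to tell which agent to cut off.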
Common threats and mitigations
| Threat | Mitigation |
|---|---|
| Over-scoped permissions | Grant minimum required permissions only. Review and reduce scopes quarterly. |
| Leaked credentials | Use separate credentials per agent. Rotate every 90 days. Monitor for unauthorized access. |
| Compromised service account | Revoke access immediately. Review audit logs for unauthorized activity. Rotate credentials. |
| Runaway API usage | Implement rate limits per agent. Set alerts for unusual spikes in API calls. |
| Personal account used for agents | Use dedicated service accounts. Never connect agents using personal user accounts. |
Best practices
- Grant minimum scoped permissions. Start with read-only, add write permissions workflow by workflow. Never grant admin or delete permissions without approval gates.
- Use OAuth instead of API keys. OAuth provides better security, automatic token refresh, and easier revocation.
- Rotate credentials every 90 days. Document the rotation schedule and automate it where possible.
- Use separate credentials per agent. Do not share API keys across multiple agents. This provides better auditing and easier revocation.
- Monitor for unauthorized access. Set up alerts for unusual patterns in API access logs.
Frequently asked questions
What permissions should AI agents have?
Minimum required permissions only. Start with read-only, add write permissions workflow by workflow. Never grant admin, owner, or delete permissions unless absolutely required, and always gate those actions with human approval.
Should we rotate API credentials for agents?
Yes. Rotate credentials every 90 days for API keys. OAuth tokens refresh automatically. Document the rotation schedule and automate it where possible.
Can we use the same API key for multiple agents?
No. Use separate credentials for each agent. This provides better auditing, easier revocation, and clearer blast radius if credentials are compromised.
How do we handle credential leaks?
Immediately revoke the leaked credential, rotate to a new one, review audit logs for unauthorized activity, and investigate how the leak occurred. Never delay revocation.