Install the SDK — Linux, macOS, Windows, Docker

1. Get your API key.

Sign in to /dashboard/.
Open Settings → API keys.
Click Create key.
Pick scopes (ingest + read for SDK use), an expiry, click Create.
Copy the key shown once. Store it in your secrets manager.

Set AGENTAUDIT_API_KEY in your environment, or pass it to the SDK constructor explicitly.

2. Pick an install path.

One-line bootstrap

curl -fsSL https://www.agentaudit.co.uk/install.sh | bash

The script installs into ~/.agentaudit/venv, prompts for your API key (or reads $AGENTAUDIT_API_KEY), writes ~/.agentaudit/env mode 0600, and sends a test receipt.

Re-running is safe — it updates the SDK and re-verifies the chain. Requires Python 3.10+.

One-line bootstrap

iwr -useb https://www.agentaudit.co.uk/install.ps1 | iex

Installs into %USERPROFILE%\.agentaudit\venv with an ACL restricted to the current user. Same behaviour as the bash script — prompts for the key, writes the env file, sends a test receipt.

Sidecar container

docker pull ghcr.io/agentaudit/sdk:latest
docker run --rm -d \
  -e AGENTAUDIT_API_KEY=aa_live_... \
  -p 4318:4318 \
  ghcr.io/agentaudit/sdk:latest

Drop-in sidecar for non-Python runtimes (Node, Go, Java, .NET). Mirrors the SDK's ingestion and redaction over local port 4318. Same JSON envelope as the REST /api/v1/receipts endpoint.

Direct pip install

pip install agentaudit
export AGENTAUDIT_API_KEY=aa_live_...

If you'd rather skip the bootstrap, install the package directly. Then in your agent code:

import agentaudit
agentaudit.init(agent_id="my-agent-v1")

Signed Windows MSI

Authenticode-signed MSI for ops teams that prefer a desktop installer over a package manager. Bundles Python 3.11, installs the SDK into a managed virtualenv, writes the API key, sends a test receipt.

Currently in early access while we finalise Authenticode reputation. Request a build — public download lands Q3 2026.

Source: /installer on GitHub.

3. Verify in the dashboard.

Open /dashboard/.
The install banner at the top should flip from amber "waiting" to green "SDK connected · 1 receipt".
If it stays amber after 60s, run agentaudit doctor from the venv — it tests DNS, TLS, auth and ingestion in order and prints the first failure.

4. Wrap your agent.

Pick the framework adapter for your stack:

from agentaudit.adapters.openai import instrument
instrument(agent_id="claims-triage-v3")

# or
from agentaudit.adapters.claude_agent import instrument
instrument(agent_id="research-bot-v1")

# or for MCP servers
from agentaudit.adapters.mcp import audit_server
audit_server(server, agent_id="mcp-fileops")

Adapters available: OpenAI Agents SDK, Claude Agent SDK, MCP, LangChain, CrewAI. Drop-in code samples for each are in the SDK quickstart.

Fleet deploy.

For estate-wide rollouts (SCCM, Intune, Ansible, Kubernetes), see the ops-team playbook. Quick summary:

Linux servers: wrap the bootstrap in your existing config-management role; pass the API key from your secrets vault.
Windows fleet: deploy the signed MSI via SCCM or Intune; product/upgrade codes are stable across versions.
Kubernetes: SDK as image dependency, key from a Kubernetes Secret bound to AGENTAUDIT_API_KEY.

Troubleshooting.

Python not found: install Python 3.10+ from python.org or your package manager and re-run the bootstrap.
SSL: CERTIFICATE_VERIFY_FAILED: typically a corporate MITM proxy. Set REQUESTS_CA_BUNDLE to your CA bundle path before re-running.
401 Unknown or revoked API key: the key was revoked. Mint a new one in Settings → API keys.
Banner stays amber but receipts ARE arriving: hard-refresh the dashboard tab; the install banner polls every 30s and may have a stale render.