Tutorial 02

Generate your first API key

Why this matters

First, what’s an API key? Think of it as a password — but for software, not for people. Your password logs you in; an API key logs in an app on your behalf. Same idea as a spare house key for your dog walker: easy to make, easy to take back, easy to make a new one if you ever want to. (API keys are the same — make as many as you need, delete any one any time, and deleting one never affects the others.)

Most AI-powered apps come with generic AI built in — Zapier and Make for automations, the AI inside your email or document apps, ChatGPT-style assistants, even developer tools like Cursor or Claude Code. Hand any of them your Auxot key, and they talk to your agents instead.

Your API key is how Auxot stops being just a tab in your browser. To plug one of those apps into Auxot, it needs two things: your Auxot web address (the one at the top of your browser when you’re logged in) and the API key you’re about to create. That’s it.

After that, your apps reach your agents — same agents you use in chat, same context files attached, same AI model behind the scenes. Just a different way in.

Today, generate the key and confirm it works. Tomorrow, hand it to your favorite app — and watch the rest of your work start running through your agents.

Your API key is the bridge between any OpenAI-compatible tool — Cursor, Claude Code, scripts, anything — and the same agents you use in Auxot’s chat. Different starting point, same agent doing the work.

Quick start

1. Sign in — open Auxot in your browser and log in.
2. Open API Key settings — go to Settings → API Keys in the left menu.
3. Create a Personal API Key — click Create, name it after where it’ll live (e.g., “Cursor on my laptop”), and confirm.
4. Copy the key — you’ll only see the full key once. Paste it into a password manager.
5. Test it — run a one-line curl command from your terminal to confirm the key works. (curl is a small built-in tool that asks a web service a question and prints the answer. Never used it? Walkthrough → Step 5 below has a friendly click-by-click guide.)

Done? Key copied, key tested. Now stop using it like a key and start using it like a power tool — keep reading.

The agent can do that?

You have a key. These three setups each turn it from a string into a different way of working — same key, different angles of leverage.

1. Point a tool at it

The fastest way to put this key to work isn’t to write code. It’s to drop the key into a tool you already use and let that tool start talking to your agents instead of generic AI. Two paths.

No-code flavor (Zapier, Make, or your no-code automation tool of choice):

In your tool, add an “OpenAI” or “ChatGPT” action. Override the base URL with https://YOUR-AUXOT-DOMAIN/api/openai and paste your Auxot key as the API key. That’s it — your “when X happens, ask AI to do Y” automations now run through your agents, with all the same instructions and context files they use in chat.

Developer flavor (Cursor, Claude Code, Continue, Aider, or your own scripts):

In your tool’s settings, add a Custom OpenAI Endpoint and fill in three things:

Base URL: https://YOUR-AUXOT-DOMAIN/api/openai
API Key:  [your Personal API Key]
Model:    [your agent's UUID, or any model name your account has connected]

Why it’s non-obvious: Most people think “API key” means “I’ll write a script.” It really means any tool that already speaks the OpenAI standard now talks to your agents — the same key works in Zapier, in Cursor, in a Python script, anywhere. Your automations just gained your business context. Your editor’s AI just became your team’s AI.

2. Hand it a stack of work

Sometimes you have a stack of the same kind of work piled up — fifty customer emails waiting for replies, a quarter of expense reports needing summaries, a backlog of resumes to screen, a folder of survey responses to read. Whatever the stack is, hand it to your agent and let it work through every item the same way, one at a time. Two paths.

No-code flavor (Zapier, Make, or your no-code automation tool of choice):

In your automation tool, set the trigger to whatever signals “a new item to handle” — a new row in a Google Sheet, a new email matching a filter, a daily scheduled run. For the action, pick “Custom OpenAI request” (or whatever your tool calls it — most have one), point it at https://YOUR-AUXOT-DOMAIN/api/openai/chat/completions, and use your Auxot key as the Authorization header. The trigger fires, your agent answers, the result lands wherever you wanted it — Slack, email, a Google Sheet, anywhere.

Developer flavor (bash):

A loop in bash reads items from a file and pipes each one through your agent:

while read -r item; do
  curl -s https://YOUR-AUXOT-DOMAIN/api/openai/chat/completions \
    -H "Authorization: Bearer $AUXOT_KEY" \
    -H "Content-Type: application/json" \
    -d "{\"model\": \"YOUR_AGENT_UUID\", \"messages\": [{\"role\": \"user\", \"content\": \"$item\"}]}" \
    | jq -r '.choices[0].message.content'
done < items.txt

Why it’s non-obvious: What used to take you an hour of repetitive work now takes ninety seconds, and the agent treats every item the same way — same instructions, same context files, no drift, no fatigue. Whether you set this up in Zapier or run it from the terminal, the agent is doing the same job, the same way it would in chat.

3. Find the gaps in your plans

Here’s where this gets interesting: use an agent to find the gaps in your plans, the opportunities you’ve been losing, the moves that would up your game. This is the work nobody on your team has time to do — and the work that pays off the most when somebody finally does. Two paths.

No-code flavor (Zapier, Make, or similar):

Set up an agent with your annual plan, your team’s project trackers, your last four board decks, your competitor briefings, and your customer feedback themes — all attached as context files. Then put it on a schedule to do gap-finding work that takes a person all day:

• Every Monday morning, the agent compares your plan to last week’s actual activity and emails you back the gaps — what’s moving forward, what’s stalled, what’s quietly drifted off the map since you wrote the plan. The trigger is the calendar.
• Every time a board deck or investor update goes out the door, the agent audits it against your last four. What did you commit to in those that’s gone silent? What’s missing from this one that was a priority then? What’s the gap between the story you used to tell and the story you’re telling now? The trigger is the deck export.
• Once a month, the agent reads your plan alongside your latest competitor briefings and comes back with the moves your competitors are making that your plan has no answer for — the opportunities you’ve left on the table, the bets you haven’t made, the gaps in your market position. The trigger is a monthly schedule.

These triggers aren’t slash commands. They’re the rhythm at which gap-finding actually needs to happen — every Monday, every board update, every month. The agent reads everything you’ve given it and tells you what’s missing.

Developer flavor (a pre-commit hook that asks an agent to find gaps in your code):

git diff --cached | curl -s https://YOUR-AUXOT-DOMAIN/api/openai/chat/completions \
  -H "Authorization: Bearer $AUXOT_KEY" \
  -H "Content-Type: application/json" \
  -d @- <<EOF
{"model": "YOUR_CODE_REVIEW_AGENT_UUID", "messages": [{"role": "user", "content": "Review this diff against our codebase conventions and recent post-mortems. What's missing? What edge cases haven't been handled? What did this change forget to update? Be specific."}]}
EOF

Why it’s non-obvious: You’ve made a lot of commitments — in plans, in decks, in meetings, in updates. Then the calendar fills up, work moves on, and some of those commitments quietly fade. That’s not a failure of discipline; it’s how plans operate over time. Nobody on your team has the time to read everything you’ve ever written and ask: “where did we say we’d do something, and what’s actually happening with it?” The agent does, in seconds. With your plans, your numbers, your past decisions, and your competitive landscape attached as context files, it becomes the gap-finder you’ve never had time to be.

Go deeper

Walkthrough

Step 1: Sign in

Open Auxot in your browser and sign in.

Step 2: Open API Key settings

Click Settings in the left menu, then API Keys. You’ll see two sections — Personal API Keys at the top, Team API Keys below. We’ll use a Personal API Key here.

(Team API Keys are shared keys that belong to the team itself — anyone with the right access can use them, and they keep their identity tied to the team rather than to one person. See Tutorial 11: Create a shared Team API Key. Available on Business and Enterprise plans.)

Step 3: Create a Personal API Key

Click Create, give the key a name (anything works — spaces are fine, capitalization doesn’t matter, no special character rules to worry about), and confirm. Two rules of thumb on naming:

• Name keys after where they’ll be used, not what they’re for. “Cursor on my work laptop” tells you exactly which tool the key belongs to. “Marketing Zapier account” tells you which automation it powers. “Daily standup automation” tells you what it’s connected to. “AI helper” tells you nothing.
• One key per tool. It’s tidier — you can see at a glance which key powers which tool. And if you ever want to switch tools or retire one (Zapier to Make, new laptop, sunsetting an old automation), you just delete that one key. Your other keys keep working with their tools, completely untouched.

A heads-up about what’s coming: the actual key string Auxot generates in the next step will start with user. — that’s Auxot’s automatic tag for personal keys (Team keys start with team.). You don’t type the prefix; Auxot adds it. It’s just how the key identifies itself once you see it.

Step 4: Copy the key

Auxot shows you the full key one time, in a modal, with a copy-to-clipboard button.

• Click Copy. It’s faster and more accurate than typing.
• Save it where you save your passwords — your password manager is the right place for it. (Developers: a .env file you’ve added to .gitignore works too.)
• Treat it like a password. Same rules as any password: it goes in your password manager, not in chat messages, screenshots, or shared docs.

If you close the modal before copying, no harm done — delete that key from the list and click Create again. Deleting a key takes one click, only affects that one key, and there’s no situation you can’t get out of by making a new one.

Step 5: Test it from a terminal

This is the most technical step in the tutorial — and the most useful confirmation that your key actually works. If you’ve never run a curl command before, take a breath. It’s one command, you can copy-paste most of it, and you only have to do it once.

What’s curl? A small program built into Mac and Linux (and available on Windows) that sends a request to a web address and prints back what the web address says. Think of it as the simplest way for you to ask Auxot a question from your computer’s command line — the same way Cursor or Zapier would ask under the hood. The point of testing this way is to prove your key works, separate from any specific tool.

a. Open a terminal.

• Mac: press Cmd + Space to open Spotlight, type Terminal, press Enter.
• Windows: open the Start menu, type Command Prompt or PowerShell, press Enter.
• Linux: you know this.

You’ll see a window with a blinking cursor. That’s the terminal.

b. Copy the command below into the terminal. Click anywhere inside the terminal window first so your keyboard is talking to it, then paste.

curl https://YOUR-AUXOT-DOMAIN/api/openai/chat/completions \
  -H "Authorization: Bearer YOUR_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-4",
    "messages": [{"role": "user", "content": "Hello!"}]
  }'

c. Edit three things in the command before pressing Enter. The command has three placeholder words written for you — find each one and replace it with your real value.

• Find YOUR-AUXOT-DOMAIN → replace with the URL you log in at (something like auxot.yourcompany.com — whatever’s in your browser’s address bar when you’re using Auxot).
• Find YOUR_KEY_HERE → replace with the key you copied in Step 4. Paste the whole thing — it starts with user..
• Find gpt-4 → replace with the name of any AI model your account has connected. (You can see your connected models in Settings → AI Models. If GPT-4 is in your list, you can leave it as-is. To call a specific agent instead, paste an agent’s UUID — find UUIDs in Settings → Agents.)

d. Press Enter.

After a moment, you’ll see a wall of text come back. It’s JSON — a structured way of writing data. Look for the part that says choices and inside it message and inside that content. That content value is the AI’s reply. If you see a sensible reply, the key works and you’re plumbed in.

If something went wrong instead, Go deeper → Troubleshooting lists the common errors and how to fix them.

What’s next

• → Tutorial 03: Take Auxot’s pulse in 10 seconds — when the API key works but the AI doesn’t, this is the page you’ll live on.
• → Tutorial 04: Add your first context file — the same agents you’re calling from your editor get smarter the moment you give them your business’s actual files.
• → Tutorial 08: Define a tool policy — give your agents real capabilities (search, code execution, internal APIs) — accessible from anywhere this API key reaches.

Reference

• Pages in Auxot: Settings → API Keys, Settings → Agents (to find agent UUIDs), System Health
• API base URL (OpenAI-style): https://YOUR-AUXOT-DOMAIN/api/openai
• API base URL (Anthropic-style): https://YOUR-AUXOT-DOMAIN/api/anthropic
• Authentication: Authorization: Bearer YOUR_KEY
• Key prefixes: user. for personal keys, team. for shared team keys
• For developers: POST /api/openai/chat/completions (OpenAI-compatible), POST /api/anthropic/v1/messages (Anthropic-compatible), GET /api/openai/models to list available models
• See also: Tutorial 04: Add your first context file, Tutorial 08: Define a tool policy