When integrating AgentPay to monetize your MCP Server, adhering to security best practices is essential to protect your server, your users, and your revenue.

Protecting Your Service Token

Your Service Token is the master key that authenticates your MCP Server to the AgentPay system. Anyone who obtains it can act as your server toward AgentPay, so treat it with the same care as a production database password.
  • Secure Storage:
    • Environment Variables: The recommended way to store your Service Token is in an environment variable on your server. Most hosting platforms provide a secure way to set these.
    • Secrets Management Systems: For more advanced setups, use a dedicated secrets management system (e.g., HashiCorp Vault, AWS Secrets Manager, Google Cloud Secret Manager).
  • NEVER Hardcode: Do not embed your Service Token directly into your source code, configuration files that are checked into version control, or client-side applications.
  • Limit Access: Ensure that only necessary server processes and authorized personnel have access to the Service Token.
  • Regular Audits (If Possible): If AgentPay Hub provides audit logs for Service Token usage, review them periodically for any suspicious activity. (Placeholder: Confirm if AgentPay Hub offers such audit logs.)
  • Token Revocation/Rotation: Understand the process for revoking or rotating your Service Token via the AgentPay Hub in case of a suspected compromise. (Placeholder: Link to Hub documentation on managing Service Tokens.)

Handling User API Keys

User API Keys are provided by your clients to access your server’s tools. While AgentPay validates these keys, your server still handles them.
  • Transmission over HTTPS: Serve every MCP Server endpoint that receives a User API Key over HTTPS (TLS) so the key is encrypted in transit, and do not accept plain HTTP on those endpoints. If TLS is terminated at a load balancer or reverse proxy, make sure the hop from the proxy to your server is trusted as well.
  • Logging:
    • Do not log full User API Keys; a key in a log file can be replayed by anyone who reads the log. If you must log one for short-term debugging, remove it as soon as the investigation is over.
    • If you need a stable identifier for request tracing, log a truncated SHA-256 digest of the key rather than the key itself. A short prefix or suffix of the key is acceptable only if it cannot be used on its own to authenticate.
    • Ensure your log storage is secure and access is restricted.
  • Storage (Generally Not Needed Server-Side): Your server typically does not need to store User API Keys. They are passed with each request and forwarded to AgentPay for validation/consumption. Avoid storing them unless you have a specific, secure reason to do so.
  • Input Validation: AgentPay performs the real validation, but run a cheap sanity check on the key before handing it to the SDK (for example, reject empty values, whitespace or control characters, and implausible lengths) so grossly malformed input is refused early with a generic error instead of being forwarded.
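The following is an added example, not code from the agentpay-sdk or the AgentPay documentation, showing how the two sections above fit together in a Python MCP Server: the Service Token is read from the environment and the process refuses to start without it, a User API Key is pulled from a bearer header and sanity-checked before it is forwarded, and only a truncated SHA-256 digest of the key is ever written to logs. The environment variable name, the bearer-header transport and the key-format bounds are assumptions; adjust them to the actual deployment.

```python
"""Service Token and User API Key handling for an AgentPay-monetized MCP Server.

Added example, not part of the agentpay-sdk. The environment variable name,
the Authorization: Bearer transport and the key-format bounds are assumptions.
"""
import hashlib
import os
import re
from typing import Mapping, Optional

# Assumed variable name; use whatever your hosting platform lets you set.
SERVICE_TOKEN_ENV = "AGENTPAY_SERVICE_TOKEN"

# Assumed generic shape for a User API Key: printable, non-whitespace ASCII
# of plausible length. This is a sanity check, not the real validation.
_API_KEY_RE = re.compile(r"^[\x21-\x7e]{16,256}$")


class ConfigurationError(RuntimeError):
    """Raised at startup when the Service Token is missing (fail fast)."""


def load_service_token(environ: Mapping[str, str] = os.environ) -> str:
    """Read the Service Token from the environment, never from source or repo.

    A server that starts without its token would serve requests it cannot
    meter, so the absence is fatal. The error message names the variable,
    not the value, so a crash log never contains the secret.
    """
    token = environ.get(SERVICE_TOKEN_ENV, "").strip()
    if not token:
        raise ConfigurationError(f"{SERVICE_TOKEN_ENV} is not set")
    return token


def looks_like_api_key(key: object) -> bool:
    """Cheap format check run before a key is forwarded to the SDK.

    Rejects non-strings, empty values, whitespace/control characters and
    implausible lengths. AgentPay decides whether the key is actually valid.
    """
    return isinstance(key, str) and _API_KEY_RE.fullmatch(key) is not None


def redact_api_key(key: str, digest_chars: int = 12) -> str:
    """Return a stable, non-reversible identifier for logs and traces.

    A truncated SHA-256 digest lets you correlate requests from the same key
    without writing any part of the secret to disk. No characters of the key
    itself appear in the result.
    """
    digest = hashlib.sha256(key.encode("utf-8")).hexdigest()
    return f"key:sha256:{digest[:digest_chars]}"


def extract_api_key(headers: Mapping[str, str]) -> Optional[str]:
    """Pull the User API Key from an "Authorization: Bearer <key>" header
    (assumed transport). Returns None if the header is absent, uses another
    scheme, or carries a grossly malformed value."""
    auth = headers.get("authorization") or headers.get("Authorization") or ""
    scheme, _, value = auth.partition(" ")
    value = value.strip()
    if scheme.lower() != "bearer" or not looks_like_api_key(value):
        return None
    return value


if __name__ == "__main__":
    # Constructed request headers for a local demonstration.
    demo_headers = {"authorization": "Bearer ak_live_0123456789abcdef"}
    key = extract_api_key(demo_headers)
    print("accepted:", key is not None)
    print("log id:", redact_api_key(key) if key else "n/a")
```

In a request handler you would call extract_api_key() first, return a generic 401 if it yields None, and pass only redact_api_key(key) to your logger; load_service_token() belongs in the startup path so a misconfigured deployment fails before it takes traffic.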

Securing Your Server Environment

General server security practices are paramount:
  • Keep Systems Updated: Regularly update your server OS, Python, web framework, and all other dependencies to patch known vulnerabilities.
  • Firewall: Use firewalls to restrict access to your server only from necessary ports and IPs.
  • Input Validation and Output Encoding: If your server exposes other non-MCP endpoints or handles user-generated content, guard against the usual web vulnerabilities (XSS, SQL injection, command injection) with parameterized queries, output encoding and strict input validation. This is less of a direct concern for API key handling, but it is essential for overall server hygiene.
  • Rate Limiting (On Your Server): Implement rate limiting on your server's endpoints, keyed per User API Key and per client IP, separately from any limits AgentPay applies. This bounds how fast an attacker with a stolen key can burn through a user's credits, slows brute-force guessing of API keys, and protects your own server from denial-of-service traffic (AgentPay should have its own protections, but do not rely on them alone).
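As an added example (not code from the agentpay-sdk or the AgentPay documentation), the token-bucket limiter below implements the per-caller rate limiting described above. Buckets are keyed on a SHA-256 digest of the User API Key so the raw key is not retained in limiter state, the clock is injectable so the behaviour can be tested deterministically, and idle buckets are evicted so per-key state cannot grow without bound. Capacity and refill values are illustrative assumptions.

```python
"""Per-caller token-bucket rate limiting in front of AgentPay-metered tools.

Added example, not part of the agentpay-sdk. Capacity and refill rate are
illustrative; tune them to what a legitimate client of your tool needs.
"""
import hashlib
import threading
import time
from dataclasses import dataclass
from typing import Callable, Dict


@dataclass
class _Bucket:
    tokens: float   # remaining budget
    updated: float  # clock reading at last refill


class TokenBucketLimiter:
    """Each caller may burst up to `capacity` requests and is then refilled
    at `refill_per_sec` tokens per second. Callers are identified by a digest
    of their API key, so the key itself never sits in the limiter's memory."""

    def __init__(self, capacity: int = 20, refill_per_sec: float = 5.0,
                 clock: Callable[[], float] = time.monotonic):
        self.capacity = float(capacity)
        self.refill_per_sec = refill_per_sec
        self.clock = clock
        self._buckets: Dict[str, _Bucket] = {}
        self._lock = threading.Lock()

    @staticmethod
    def _caller_id(api_key: str) -> str:
        return hashlib.sha256(api_key.encode("utf-8")).hexdigest()

    def allow(self, api_key: str, cost: float = 1.0) -> bool:
        """Spend `cost` tokens and return True if the caller has budget;
        otherwise return False (answer the request with HTTP 429)."""
        now = self.clock()
        cid = self._caller_id(api_key)
        with self._lock:
            bucket = self._buckets.get(cid)
            if bucket is None:
                bucket = _Bucket(tokens=self.capacity, updated=now)
                self._buckets[cid] = bucket
            # Refill in proportion to elapsed time, never above capacity.
            elapsed = max(0.0, now - bucket.updated)
            bucket.tokens = min(self.capacity,
                                bucket.tokens + elapsed * self.refill_per_sec)
            bucket.updated = now
            if bucket.tokens >= cost:
                bucket.tokens -= cost
                return True
            return False

    def evict_idle(self, idle_seconds: float) -> int:
        """Drop buckets untouched for `idle_seconds`. Unbounded per-key state
        is itself a denial-of-service vector; call this periodically."""
        now = self.clock()
        with self._lock:
            stale = [cid for cid, b in self._buckets.items()
                     if now - b.updated >= idle_seconds]
            for cid in stale:
                del self._buckets[cid]
        return len(stale)


if __name__ == "__main__":
    limiter = TokenBucketLimiter(capacity=3, refill_per_sec=1.0)
    # Constructed demo: a burst of five calls from one key; the last two are refused.
    print([limiter.allow("ak_demo_0123456789abcdef") for _ in range(5)])
```

Run allow() before the tool does any work or calls consume(); a refused request should not be metered. A second limiter keyed on the client IP (same class, different key) covers unauthenticated traffic that never presents a valid key.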

Secure SDK Usage

  • Keep SDK Updated: Use the latest version of the agentpay-sdk to benefit from security patches and improvements.
  • Idempotency: Pass a unique, stable usage_event_id with every consume() call, and reuse the same id when you retry a call that failed or timed out. A retry that carries a fresh id can charge the user twice; keeping the id stable lets AgentPay deduplicate the event, which is both a financial-integrity and a security property for your users.
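The following is an added example, not code from the agentpay-sdk, showing the idempotency pattern behind the bullet above. It derives a deterministic usage_event_id from what identifies the unit of work (caller, tool, request id), and wraps a metering call so every retry re-sends that same id. The SDK's consume() signature is not shown on this page, so the wrapper takes the metering call as an injected function and the keyword names it passes (api_key, units, usage_event_id) are assumptions; a constructed fake standing in for AgentPay records charges by event id and simulates timeouts that occur after the charge was recorded, which is the case a retry must not double-bill.

```python
"""Idempotent usage metering: same request, same usage_event_id, one charge.

Added example, not part of the agentpay-sdk. `consume_fn` stands in for the
SDK's consume(); the keyword arguments passed to it and the namespace UUID
are assumptions, and FakeAgentPay is a constructed test double.
"""
import uuid
from typing import Any, Callable, Dict

# Assumed: one fixed namespace for this server so ids are stable across restarts.
_EVENT_NAMESPACE = uuid.uuid5(uuid.NAMESPACE_URL, "agentpay-example-mcp-server")


class TransientError(Exception):
    """Stand-in for a timeout or 5xx from the metering call."""


def usage_event_id(api_key: str, tool: str, request_id: str) -> str:
    """Derive a deterministic event id for one unit of billable work.

    Because the id is a function of the request rather than a random value
    generated per attempt, a retry after a timeout carries the identical id
    and the remote side can recognise it as the same event. The key passes
    through uuid5's hash and is not recoverable from the id."""
    name = "\x00".join((api_key, tool, request_id))
    return str(uuid.uuid5(_EVENT_NAMESPACE, name))


def consume_once(consume_fn: Callable[..., Dict[str, Any]], *, api_key: str,
                 tool: str, request_id: str, units: int,
                 max_attempts: int = 3) -> Dict[str, Any]:
    """Meter `units` of work exactly once, retrying transient failures.

    The usage_event_id is computed a single time and reused on every attempt,
    so even if attempt 1 was charged but its response was lost, attempt 2 is
    deduplicated instead of billed again."""
    event_id = usage_event_id(api_key, tool, request_id)
    last_err: Exception = TransientError("no attempts made")
    for _ in range(max(1, max_attempts)):
        try:
            return consume_fn(api_key=api_key, units=units, usage_event_id=event_id)
        except TransientError as err:
            last_err = err  # same event_id will be re-sent
    raise last_err


class FakeAgentPay:
    """Constructed stand-in for the remote metering service.

    Records the charge for an event id before failing, so the first
    `fail_first` calls look like timeouts that happened after the money
    moved. Duplicate ids are recognised and not charged again."""

    def __init__(self, fail_first: int = 0):
        self.fail_first = fail_first
        self.charges: Dict[str, int] = {}
        self.calls = 0

    def consume(self, *, api_key: str, units: int, usage_event_id: str) -> Dict[str, Any]:
        self.calls += 1
        duplicate = usage_event_id in self.charges
        if not duplicate:
            self.charges[usage_event_id] = units
        if self.calls <= self.fail_first:
            raise TransientError("simulated timeout after charge was recorded")
        return {"usage_event_id": usage_event_id,
                "charged_units": self.charges[usage_event_id],
                "duplicate": duplicate}


if __name__ == "__main__":
    fake = FakeAgentPay(fail_first=2)
    result = consume_once(fake.consume, api_key="ak_demo_0123456789abcdef",
                          tool="search", request_id="req-1", units=5)
    print("attempts:", fake.calls, "total charged:", sum(fake.charges.values()))
    print(result)
```

The request_id must come from something that is unique per unit of work (for example a request or message id your server assigns once, before the first attempt); deriving it from the current time or a per-attempt counter would defeat the purpose. Map the keyword arguments in consume_once() onto the real consume() parameters from the SDK documentation.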

Reporting Security Vulnerabilities

(Placeholder: Provide clear instructions or a dedicated contact point (e.g., security@agentpay.me) for users and developers to report any suspected security vulnerabilities they find in AgentPay itself or the SDK.)

By following these best practices, you can create a more secure environment for your monetized MCP Server.

Next Steps