Every Nevermined call an agent makes needs an API key. The first key is the one thing an agent can’t mint itself — a human must sign in once. But the agent can make that painless: it hosts a callback, hands the human one URL, and captures the key automatically when they sign in. After that, it stores and reuses the key forever.

Useful for

  • Bootstrapping a brand-new agent that has no credentials yet.
  • Getting the key back to the agent automatically — no human copy-pasting secrets.
  • Issuing environment-specific keys: a sandbox: key for testing, a live: key for production.

Try it yourself

You are my autonomous payments agent. I don't have a Nevermined API key yet — get one for the sandbox environment with as little effort from me as possible.

Host a one-shot callback server on 127.0.0.1, then give me a single sign-in URL to open. Capture the key automatically from the redirect (don't make me copy-paste it), store it as NVM_API_KEY, and confirm it works by listing my payment methods. The key for this environment starts with "sandbox". Use the Nevermined `nevermined-payments` skill (https://github.com/nevermined-io/docs/tree/main/skills/nevermined-payments) for the steps and endpoints.

How it works

There are two ways to get the key — the agent should prefer the embedded flow, which returns the key automatically.
1. Option A — embedded login (key returns automatically)

The agent hosts an HTTP server on 127.0.0.1:<port> with a /callback route, then hands the human this URL:
https://nevermined.app/auth/cli?callback_url=http://127.0.0.1:<port>/callback
After the human signs in, the browser is redirected to http://127.0.0.1:<port>/callback?nvm_api_key=<api-key>. The agent reads nvm_api_key off that request and stores it.
The key arrives in the callback query string — the most-logged part of a request. The callback server must not log the request line, and the key belongs in a secret store, never on disk in the clear.
2. Option B — manual paste (works anywhere)

If the agent can’t host a localhost callback, the human creates the key in the app and pastes it back: sign in at nevermined.app, then Settings → Global NVM API Keys → create a key for the right environment. See Get Your API Key for the full UI walkthrough.
3. Store, reuse, and use it

The key doesn’t expire per request — store it once (e.g. NVM_API_KEY) and reuse it. Use it as a Bearer token on REST calls, or pass it to the SDK:
GET {API_BASE}/payment-methods
Authorization: Bearer <api-key>
Match the key to the environment: a sandbox: key only works against api.sandbox.nevermined.app, and live: only against api.live.nevermined.app.
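
The Option A callback as an added example (not Nevermined's own code): a loopback-only, one-shot listener that suppresses request logging, accepts only a key for the expected environment, and maps the key to its API host. The function names and the `<env>:` prefix check are assumptions made for this example.

```python
import time
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse

AUTH_URL = "https://nevermined.app/auth/cli"  # sign-in URL given on this page

class CallbackHandler(BaseHTTPRequestHandler):
    timeout = 10  # drop clients that connect but never send a request

    def log_message(self, fmt, *args):
        pass  # default logging prints the request line, which carries the key

    def do_GET(self):
        url = urlparse(self.path)
        key = parse_qs(url.query).get("nvm_api_key", [""])[0]
        # Accept only /callback with a key for the expected environment.
        if url.path != "/callback" or not key.startswith(self.server.expected_prefix):
            self.send_error(400)
            return
        self.server.api_key = key
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Cache-Control", "no-store")
        self.end_headers()
        self.wfile.write(b"Key received. You can close this tab.\n")

def start_capture(env="sandbox"):
    """Bind to loopback on an OS-chosen port; return (server, sign-in URL)."""
    server = HTTPServer(("127.0.0.1", 0), CallbackHandler)
    server.api_key = None
    server.expected_prefix = env + ":"  # assumption: keys look like "<env>:..."
    port = server.server_address[1]
    return server, f"{AUTH_URL}?callback_url=http://127.0.0.1:{port}/callback"

def wait_for_key(server, timeout=300.0):
    """Serve until a valid key arrives, then shut the listener down."""
    deadline = time.monotonic() + timeout
    try:
        while server.api_key is None:
            remaining = deadline - time.monotonic()
            if remaining <= 0:
                raise TimeoutError("no sign-in callback received")
            server.timeout = remaining
            server.handle_request()
        return server.api_key  # hand to a secret store; do not print or log it
    finally:
        server.server_close()

def api_host_for(key):
    """Pick the API host that matches the key's environment prefix."""
    hosts = {"sandbox": "api.sandbox.nevermined.app", "live": "api.live.nevermined.app"}
    return hosts[key.split(":", 1)[0]]
```

Call `start_capture()`, show the returned URL to the human, then block in `wait_for_key()`; stray requests such as a favicon fetch get a 400 and the listener keeps waiting until a valid key arrives or the timeout passes.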

Get Your API Key

The web-app walkthrough for creating and managing keys.

Buy access

With a key in hand, make your first autonomous purchase.