Janee
Secrets management for AI agents via MCP — agents call your APIs without ever seeing the keys.
Add to your client
Copy the config for your MCP client and paste it into its config file.
npm install -g @true-and-useful/janeePaste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"janee": {
"command": "janee",
"args": [
"serve"
]
}
}
}Step-by-step guides: Add to Claude Desktop · Add to Cursor · Add to Windsurf
Before you start
- Node.js 18+
- An MCP client (Claude Desktop, Claude Code, Cursor, Codex CLI, or OpenClaw)
- API keys for the services you want agents to access
- Install globally: npm install -g @true-and-useful/janee, then run janee init
About Janee
Janee is a local-first secrets-management MCP server. It stores your API keys encrypted on your machine and exposes MCP tools that let agents call APIs (HTTP proxy mode) or run CLI tools (exec mode) without ever seeing the underlying credentials. Every request is logged, time-limited, and governed by allow/deny policies, giving you an audit trail and a kill switch for agent API access.
Tools & capabilities (5)
list_servicesDiscover the APIs available through Janee and their policies.
executeMake an HTTP API request through Janee (proxy mode); Janee injects the real credential and logs the request.
execRun a whitelisted CLI command with credentials injected as environment variables (exec mode); the agent only sees stdout/stderr.
manage_credentialView, grant, or revoke access to agent-scoped credentials.
reload_configReload config from disk after adding/removing services (available when started with janee serve).
When to use it
- Let Claude Code or Cursor call GitHub, Stripe, or OpenAI APIs without exposing the raw keys
- Give autonomous agents short-lived GitHub App installation tokens instead of static PATs
- Let agents run git push/pull/clone over HTTPS with credentials injected automatically
- Enforce read-only access to sensitive APIs (e.g., GET-only Stripe) via per-capability allow/deny rules
- Maintain a full audit trail of every API request an agent makes, with instant session revocation
- Run exec-mode CLI tools (Twitter/X, AWS SES/S3) with secrets kept encrypted and out of agent context
Security notes
Keys are stored encrypted at rest with AES-256-GCM in ~/.janee/ and never sent to a cloud. Agents never see raw credentials — Janee injects them server-side. Per-capability allow/deny request rules are enforced server-side even if an agent lies about its reason. Agent identity is derived from clientInfo.name in the MCP initialize handshake; access can be locked down with allowedAgents allowlists plus defaultAccess: restricted. Sessions are time-limited and revocable (janee revoke), and every request is logged to ~/.janee/logs/.
Janee FAQ
Do my agents ever see the real API keys?
No. Keys are stored encrypted in ~/.janee/ and Janee injects them server-side. Agents only get the API response (proxy mode) or stdout/stderr (exec mode).
How do I add Janee to Claude Code?
Run `claude mcp add janee --command janee --args serve --scope user`, or add a mcpServers entry with command "janee" and args ["serve"] to ~/.claude.json.
What auth types are supported?
bearer, basic, HMAC for Bybit/OKX/MEXC, custom headers, Google service-account, GitHub App tokens, Twitter/X OAuth 1.0a, and AWS SigV4.
Can I use it with agents running in Docker containers?
Yes. The Runner/Authority architecture runs the credential-holding Authority on the host and a Runner inside each container; the Runner executes exec commands locally while credentials stay on the host.
How do I revoke access?
Sessions are time-limited via TTLs and can be killed with `janee revoke <id>`, or you can delete/update the config. Deleting a key updates it in one place for all agents.
Alternatives to Janee
Compare all alternatives →
Microsoft's official browser-automation MCP using Playwright's accessibility tree (no vision model).
Up-to-date, version-specific library documentation injected into your coding agent.
Code intelligence engine that indexes repos into a persistent knowledge graph for AI coding agents.