Skip to main content

Overview

Skyvern SDK authentication is handled via API keys. Different authentication methods are used depending on whether you’re running in cloud/remote mode or local/embedded mode.

Getting Your API Key

Skyvern Cloud

  1. Navigate to app.skyvern.com/settings
  2. Find your API key in the Settings page
  3. Copy and securely store your API key
Security Note: Never commit API keys to version control. Use environment variables or secure secret management.

Cloud/Remote Mode Authentication

When connecting to Skyvern Cloud or a self-hosted instance, provide your API key during initialization: 
from skyvern import Skyvern

skyvern = Skyvern(api_key="your-api-key")

Using Environment Variables

Store your API key in an environment variable for better security: 
import os
from skyvern import Skyvern

api_key = os.getenv("SKYVERN_API_KEY")
skyvern = Skyvern(api_key=api_key)

.env File

Create a .env file in your project root:
.env
SKYVERN_API_KEY=your-api-key
Then load it in your application: 
import os
from dotenv import load_dotenv
from skyvern import Skyvern

load_dotenv()
api_key = os.getenv("SKYVERN_API_KEY")
skyvern = Skyvern(api_key=api_key)

Local/Embedded Mode Authentication

When running Skyvern locally in-process, authentication is handled through your local .env file.

Setup

  1. Run the quickstart command to set up your environment:
skyvern quickstart
This creates a .env file with your SKYVERN_API_KEY and other configuration.
  1. Initialize Skyvern in local mode:
from skyvern import Skyvern

skyvern = Skyvern.local()
Note: Skyvern.local() automatically reads the SKYVERN_API_KEY from your .env file. You don’t need to provide it explicitly.

Manual .env Setup

If you prefer to create the .env file manually:
.env
SKYVERN_API_KEY=your-api-key
LLM_KEY=OPENAI_GPT4O
OPENAI_API_KEY=your-openai-key
# ... other configuration
Then: 
from skyvern import Skyvern

# Reads SKYVERN_API_KEY from .env
skyvern = Skyvern.local()

Cloud Browser Authentication

When connecting to cloud-hosted browsers, the SDK automatically includes your API key in the connection headers: 
from skyvern import Skyvern

skyvern = Skyvern(api_key="your-api-key")

# API key is automatically included in browser connection
browser = await skyvern.launch_cloud_browser()
page = await browser.get_working_page()

Managing Credentials for Login Workflows

Skyvern supports storing and using credentials for automated login workflows. These credentials are separate from your SDK API key.

Creating Credentials

Use the API to create credentials for login automation: 
from skyvern import Skyvern

skyvern = Skyvern(api_key="your-api-key")

# Create a password credential
credential = await skyvern.create_credential(
    name="my_user",
    credential_type="password",
    credential={
        "username": "[email protected]",
        "password": "secure_password"
    }
)

print(f"Credential ID: {credential.credential_id}")

Using Credentials for Login

Once created, reference credentials by ID in login workflows: 
from skyvern import Skyvern
from skyvern.schemas.run_blocks import CredentialType

skyvern = Skyvern(api_key="your-api-key")
browser = await skyvern.launch_cloud_browser()
page = await browser.get_working_page()

await page.goto("https://example.com/login")

# Use stored credential for login
await page.agent.login(
    credential_type=CredentialType.skyvern,
    credential_id="cred_123"
)

Supported Credential Providers

Skyvern integrates with multiple credential providers:
ProviderCredential TypeUse Case
SkyvernskyvernCredentials stored in Skyvern Cloud
BitwardenbitwardenRetrieve credentials from Bitwarden
1Password1passwordRetrieve credentials from 1Password
Azure Key Vaultazure_vaultRetrieve credentials from Azure Key Vault
Bitwarden Example: 
await page.agent.login(
    credential_type=CredentialType.bitwarden,
    bitwarden_item_id="item_id",
    bitwarden_collection_id="collection_id"
)
1Password Example: 
await page.agent.login(
    credential_type=CredentialType.onepassword,
    onepassword_vault_id="vault_id",
    onepassword_item_id="item_id"
)
Azure Key Vault Example: 
await page.agent.login(
    credential_type=CredentialType.azure_vault,
    azure_vault_name="vault_name",
    azure_vault_username_key="username_key",
    azure_vault_password_key="password_key"
)

Environment Configuration

You can specify different Skyvern environments: 
from skyvern import Skyvern
from skyvern.client import SkyvernEnvironment

# Skyvern Cloud (default)
skyvern = Skyvern(
    api_key="your-api-key",
    environment=SkyvernEnvironment.CLOUD
)

# Staging environment
skyvern = Skyvern(
    api_key="your-api-key",
    environment=SkyvernEnvironment.STAGING
)

# Self-hosted with custom base URL
skyvern = Skyvern(
    api_key="your-api-key",
    base_url="https://skyvern.yourcompany.com"
)

Security Best Practices

1. Never Commit API Keys

Add .env to your .gitignore:
.gitignore
.env
.env.local
.env.*.local

2. Use Environment Variables

Always load API keys from environment variables, never hardcode them: 
# ❌ DON'T DO THIS
skyvern = Skyvern(api_key="sk-1234567890")

# ✅ DO THIS
import os
api_key = os.getenv("SKYVERN_API_KEY")
skyvern = Skyvern(api_key=api_key)

3. Rotate API Keys Regularly

Rotate your API keys periodically and update them in your environment:
  1. Generate a new API key at app.skyvern.com/settings
  2. Update your .env file or environment variables
  3. Revoke the old API key

4. Use Different Keys for Different Environments

Use separate API keys for development, staging, and production:
.env.development
SKYVERN_API_KEY=dev-key-123
.env.production
SKYVERN_API_KEY=prod-key-456

5. Secure Credential Storage

When using create_credential(), credentials are stored securely in Skyvern’s encrypted storage. For maximum security:
  • Use credential providers like Bitwarden, 1Password, or Azure Key Vault
  • Enable 2FA/TOTP for sensitive login workflows
  • Regularly audit and rotate stored credentials

Troubleshooting

Invalid API Key Error

If you receive an “Invalid API key” error:
  1. Verify your API key at app.skyvern.com/settings
  2. Check that your .env file is being loaded correctly
  3. Ensure there are no extra spaces or quotes around the API key

Local Mode Not Finding API Key

If Skyvern.local() fails to find SKYVERN_API_KEY:
  1. Run skyvern quickstart to set up your environment
  2. Verify .env exists in your project root
  3. Check that .env contains SKYVERN_API_KEY=your-key

Cloud Browser Connection Failed

If cloud browser connection fails:
  1. Verify your API key is valid for cloud environments
  2. Check that you’re using SkyvernEnvironment.CLOUD or .STAGING
  3. Ensure your network allows WebSocket connections

See Also

  • Python SDK - Python SDK initialization and configuration
  • TypeScript SDK - TypeScript SDK initialization and configuration
  • AI Commands - Using credentials with page.agent.login()

Build docs developers (and LLMs) love

Get started for freeTalk to us