# Kontext

> Kontext is the identity control plane for AI agents. Developers use the Kontext SDK to issue short-lived, scoped credentials for external services, with policies, access controls, and audit trails managed centrally in Kontext.

## Docs

- [Applications](https://docs.kontext.security/api/applications.md): Create, configure, and manage applications and their integration attachments.
- [Integrations](https://docs.kontext.security/api/integrations.md): Create, configure, and manage integrations and their connections.
- [API Overview](https://docs.kontext.security/api/overview.md): Control applications, integrations, policies, sessions, and traces in the Kontext identity control plane.
- [Service Accounts](https://docs.kontext.security/api/service-accounts.md): Create and manage service accounts for backend and CI/CD automation.
- [Sessions](https://docs.kontext.security/api/sessions.md): List, inspect, and revoke active sessions for an application.
- [Traces](https://docs.kontext.security/api/traces.md): Query trace data and statistics for tool call observability.
- [Authentication](https://docs.kontext.security/client/authentication.md): Handle OAuth sign-in, callbacks, and session management in the client SDK.
- [Client SDK](https://docs.kontext.security/client/overview.md): Use the Kontext client SDK to run agents with short-lived, scoped credentials managed by the Kontext identity control plane.
- [Storage](https://docs.kontext.security/client/storage.md): Persist tokens across sessions with custom storage backends.
- [Tools](https://docs.kontext.security/client/tools.md): List, inspect, and execute MCP tools through the Kontext client.
- [Authentication & Identity](https://docs.kontext.security/concepts/authentication.md): How agents and users prove who they are. Two OAuth2 flows, two SDK surfaces, and how they connect to your existing identity provider.
- [How Kontext Works](https://docs.kontext.security/concepts/how-kontext-works.md): Kontext is the control plane between your agents and the integrations they access. It verifies identity, enforces policy, brokers credentials, and logs every action.
- [Integrations](https://docs.kontext.security/concepts/integrations.md): How Kontext connects your applications to external services. Auth modes, OAuth credential management, connection lifecycle, and runtime access.
- [Errors](https://docs.kontext.security/errors.md): Error handling patterns and reference for the Kontext SDK.
- [A Secure Agent Architecture](https://docs.kontext.security/foundations/a-secure-agent-architecture.md): The building blocks of secure credential delegation for agents.
- [How Teams Solve It Today](https://docs.kontext.security/foundations/how-teams-solve-it-today.md): Common patterns for giving agents access to APIs, and where each pattern cuts corners.
- [Where It Breaks](https://docs.kontext.security/foundations/where-it-breaks.md): Failure modes when agents use shared, static, or overprivileged credentials.
- [Why Agents Need Credentials](https://docs.kontext.security/foundations/why-agents-need-credentials.md): Agents call APIs on behalf of users. Those APIs require authentication.
- [Cloudflare Agents](https://docs.kontext.security/frameworks/cloudflare.md): Add Kontext integrations to Cloudflare Agents with the withKontext mixin.
- [React](https://docs.kontext.security/frameworks/react.md): Add Kontext authentication and integration management to React applications.
- [Vercel AI SDK](https://docs.kontext.security/frameworks/vercel-ai.md): Use Kontext tools with the Vercel AI SDK for multi-step AI conversations.
- [Quickstart](https://docs.kontext.security/getting-started/quickstart.md): Get scoped, short-lived credentials for your agent in under 5 minutes.
- [Getting Started](https://docs.kontext.security/getting-started/welcome.md): Ship agents to production — with identity, permissions, and audit trails built in.
- [Overview](https://docs.kontext.security/sdks/management.md): Typed TypeScript client for automating configuration in the Kontext identity control plane.
- [Overview](https://docs.kontext.security/sdks/typescript.md): Install and configure the Kontext TypeScript SDK for agents with runtime identity and scoped credentials.
- [Client Types](https://docs.kontext.security/sdks/typescript/client.md): Type reference for createKontextClient, the client interface, tools, integrations, and storage.
- [Server Types](https://docs.kontext.security/sdks/typescript/server.md): Type reference for the Kontext server class, middleware options, and credential types.
- [Helpers](https://docs.kontext.security/sdks/typescript/utilities.md): Low-level MCP client, error types, token verification, and OAuth helpers.
- [Credentials](https://docs.kontext.security/server/credentials.md): Exchange user tokens for integration credentials inside your MCP tool handlers.
- [Middleware](https://docs.kontext.security/server/middleware.md): Configure the Express middleware for OAuth, MCP transport, and session management.
- [Overview](https://docs.kontext.security/server/overview.md): Build MCP servers that obtain short-lived, scoped integration credentials from the Kontext identity control plane.
- [Production](https://docs.kontext.security/server/production.md): Deployment checklist for running Kontext MCP applications in production.