Skip to content

fix(sdk): inject API key into all HTTP requests #50

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
AbirAbbas merged 1 commit into from
Dec 3, 2025
Merged

fix(sdk): inject API key into all HTTP requests #50

AbirAbbas merged 1 commit into from
Dec 3, 2025

Conversation

@AbirAbbas
Copy link
Contributor

@AbirAbbas AbirAbbas commented Dec 3, 2025

Summary

  • Automatically inject X-API-Key header in AgentFieldClient._async_request() when api_key is configured
  • Only injects if header not already present (won't overwrite explicit headers)
  • Fixes 401 errors when control plane has authentication enabled

Problem

When authentication is enabled on the control plane, the Python SDK was failing with 401 errors on:

  • Async status updates (_post_execution_status)
  • Memory operations (vector search, set, get, etc.)

The SDK had api_key configured but wasn't including it in the X-API-Key header for HTTP requests.

Solution

Central fix at AgentFieldClient._async_request() that automatically injects the API key into all outbound requests. This covers both async (httpx) and sync fallback (requests) paths.

Test plan

  • Deploy to staging with auth-enabled control plane
  • Verify async status updates succeed (no more 401 errors)
  • Verify memory vector search works
  • Verify other memory operations (set, get, delete) work

🤖 Generated with Claude Code

@AbirAbbas @claude
fix(sdk): inject API key into all HTTP requests
97673bc 
The Python SDK was not including the X-API-Key header in HTTP requests
made through AgentFieldClient._async_request(), causing 401 errors when
the control plane has authentication enabled.

This fix injects the API key into request headers automatically when:
- The client has an api_key configured
- The header isn't already set (avoids overwriting explicit headers)

Fixes async status updates and memory operations (vector search, etc.)
that were failing with 401 Unauthorized.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@AbirAbbas AbirAbbas merged commit 645a8d1 into main Dec 3, 2025
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AbirAbbas