Skip to content

v0.2.4 — ANTHROPIC_API_KEY first-class auth path + policy disclosure

Latest

Choose a tag to compare

@nitaybz nitaybz released this 29 Apr 09:18

Summary

Surfaces Anthropic's authentication policy and adds a fully-supported alternative auth path for operators whose use case doesn't fit "ordinary individual use of Claude Code by the subscriber."

  • CLAUDE_CODE_OAUTH_TOKEN (subscription OAuth from claude setup-token) remains the default for personal/internal automation.
  • ANTHROPIC_API_KEY is now first-class for automation, products, and multi-user scenarios — fully supported by Anthropic's terms.

If your install routes requests on behalf of teammates, customers, or anyone other than yourself, switch to Option B. The README's new Authentication and cost section walks through the trade-off and the policy risk in detail.

What's new

  • ANTHROPIC_API_KEY accepted by listener/src/runner.ts with precedence over CLAUDE_CODE_OAUTH_TOKEN when both are set
  • setup skill now branches on the auth choice with the policy disclosure inline
  • New Authentication and cost section in README + matching section on the website
  • scripts/doctor.sh, listener/src/watcher-checks.ts, doctor + setup-watcher skills all gate token-age behavior on Option A (API keys don't expire on a fixed schedule)
  • .env.example, docker/entrypoint.mjs, CLAUDE.md, ARCHITECTURE.md all updated to document both modes

No breaking changes

Existing installs on Option A keep working with no action required. To switch:

```bash

generate a key at console.anthropic.com → API Keys → Create Key

then in .env:

ANTHROPIC_API_KEY=sk-ant-...
CLAUDE_CODE_OAUTH_TOKEN= # clear or leave; API key wins when both set

then:

pm2 restart ginnie-agents-listener
```

See CHANGELOG.md for the full entry.