Skip to main content
Sign in →

Quick Start

Get ShieldAgent protecting your AI agents in under 5 minutes.

01Create your account

Sign up at app.shieldagent.io to create your organization. You’ll receive an API key on the Settings → API Keys page.

What you’ll need:

  • Your API key (from Settings → API Keys)
  • Your Tenant ID (shown on the dashboard home)

02Register an agent

Register your AI agent in the dashboard (Agents → Add Agent) or via the API:

bash
curl -X POST https://api.shieldagent.io/api/v1/tenants/{your-tenant-id}/agents \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer {your-api-key}' \
  -d '{
    "name": "coding-agent",
    "description": "VS Code Copilot integration"
  }'
# Response: {"id":"agt_...","name":"coding-agent","agentKey":"sa_live_..."}

Save the agentKey — your agent uses it to authenticate with the proxy. It is shown only once.

03Point your agent at the proxy

Update your agent’s MCP configuration to route through ShieldAgent instead of connecting directly to the MCP server:

mcp-config.json
{
  "mcpServers": {
    "filesystem": {
      "url": "https://proxy.shieldagent.io/mcp",
      "headers": {
        "Authorization": "Bearer {agent-key}"
      }
    }
  }
}

Replace {agent-key} with the agent key from step 02.

04Verify it’s working

Send a test tool call through the proxy to confirm everything is connected:

bash
curl -X POST https://proxy.shieldagent.io/message \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer {agent-key}' \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "tools/call",
    "params": {
      "name": "read_file",
      "arguments": { "path": "/workspace/README.md" }
    }
  }'
# Response: {"jsonrpc":"2.0","id":1,"result":{...}}

Open the dashboard to see your first intercepted tool call in the audit trail.

05Create your first policy

Block dangerous tool calls by creating a deny rule (Dashboard → Policies → Add Rule, or via API):

bash
curl -X POST https://api.shieldagent.io/api/v1/tenants/{your-tenant-id}/policies \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer {your-api-key}' \
  -d '{"toolName":"delete_file","action":"deny"}'
# Response: {"id":"pol_...","toolName":"delete_file","action":"deny"}

Now any agent calling delete_file will be blocked, and the event appears in your audit trail.

06Use the SDK (optional)

For programmatic access, use the official SDKs:

TypeScript

example.ts
import { ShieldAgentClient } from '@shieldagent/sdk';

const client = new ShieldAgentClient({
  apiKey: '{your-api-key}',
  baseUrl: 'https://api.shieldagent.io',
});

const agents = await client.agents.list({ tenantId: '{your-tenant-id}' });
const events = await client.audit.list({ tenantId: '{your-tenant-id}', limit: 50 });

Python

example.py
from shieldagent import ShieldAgentClient

client = ShieldAgentClient(
    api_key="{your-api-key}",
    base_url="https://api.shieldagent.io",
)

agents = client.agents.list(tenant_id="{your-tenant-id}")
events = client.audit.list(tenant_id="{your-tenant-id}", limit=50)

Next Steps

Shadow Mode

Observe before enforcing

Policy Engine

Write advanced rules

Verdict API

Scan from your own server

Quick Start