HeadlinesBriefing.com

Kontext CLI Secures AI Agents From Secret Sprawl

Hacker News

Developers are wrestling with how to securely grant AI coding agents access to services like GitHub and Stripe without resorting to insecure, long-lived API keys dumped in `.env` files. Kontext CLI, an open-source utility written in Go, addresses this by acting as a credential broker, eliminating secret sprawl and providing necessary access lineage.

The tool exchanges declared credential placeholders, like `{{kontext:github}}`, for short-lived tokens using RFC 8693 token exchange where the target service supports it. For services that only offer static keys, the backend injects the stored credential directly into the agent's runtime environment. In either case the secret exists only in memory for the duration of the session, a major departure from the current practice of long-lived keys sitting in files on disk.

Every action taken by the agent via tool calls is streamed back to the Kontext backend for auditing, keyed to the specific user, session, and organization. This mirrors a Security Token Service pattern, where authentication is handled once via OIDC, and scoped credentials are minted on demand. The CLI communicates with the backend using ConnectRPC.
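The placeholder exchange described two paragraphs up and the per-user, per-session, per-organization audit keying described here fit together in one broker loop. The Go program below is an added illustration of that pattern, not Kontext's own code: the `{{kontext:<service>}}` syntax is taken from the text, the RFC 8693 parameter names (`grant_type`, `subject_token`, `subject_token_type`, `audience`) are the standard's, and everything else (the `Broker` type, the stand-in STS, the service names, the token strings and the user/session/org values) is constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// tokenExchangeGrant is the grant_type value defined by RFC 8693.
const tokenExchangeGrant = "urn:ietf:params:oauth:grant-type:token-exchange"

// placeholderRe matches {{kontext:<service>}} anywhere inside an env value.
var placeholderRe = regexp.MustCompile(`\{\{kontext:([A-Za-z0-9_-]+)\}\}`)

// TokenExchangeForm builds the RFC 8693 request body: the user's OIDC-issued
// token (subject_token) is traded for a token scoped to one downstream audience.
func TokenExchangeForm(subjectToken, audience string) url.Values {
	form := url.Values{}
	form.Set("grant_type", tokenExchangeGrant)
	form.Set("subject_token", subjectToken)
	// Assumption: the OIDC access token is used as the subject token.
	form.Set("subject_token_type", "urn:ietf:params:oauth:token-type:access_token")
	form.Set("audience", audience)
	return form
}

// STS posts the form to the Security Token Service and returns the issued token.
type STS func(form url.Values) (string, error)

// Broker (hypothetical) resolves a declared service name to a secret: via token
// exchange when the service supports it, otherwise from a stored static key.
type Broker struct {
	SubjectToken string
	Exchangeable map[string]bool   // services reachable through RFC 8693
	Static       map[string]string // services that only have a static key
	Exchange     STS
}

// Resolve returns the secret and the method used ("token-exchange" or
// "static-inject"), or an error when the service was never declared.
func (b *Broker) Resolve(service string) (string, string, error) {
	if b.Exchangeable[service] {
		tok, err := b.Exchange(TokenExchangeForm(b.SubjectToken, service))
		if err != nil {
			return "", "", err
		}
		return tok, "token-exchange", nil
	}
	if key := b.Static[service]; key != "" {
		return key, "static-inject", nil
	}
	return "", "", fmt.Errorf("no credential declared for service %q", service)
}

// AuditRecord is what every resolution is keyed to before it is sent to the backend.
type AuditRecord struct {
	User, Session, Org, Service, Method string
}

// ResolveEnv replaces each placeholder in env with a resolved secret and returns
// the new env plus one audit record per resolution. An undeclared service aborts
// the whole resolution so the agent never starts with a dangling placeholder.
func ResolveEnv(b *Broker, env []string, user, session, org string) ([]string, []AuditRecord, error) {
	out := make([]string, 0, len(env))
	var audit []AuditRecord
	for _, kv := range env {
		name, val, _ := strings.Cut(kv, "=")
		var firstErr error
		resolved := placeholderRe.ReplaceAllStringFunc(val, func(m string) string {
			service := placeholderRe.FindStringSubmatch(m)[1]
			secret, method, err := b.Resolve(service)
			if err != nil {
				if firstErr == nil {
					firstErr = err
				}
				return m
			}
			audit = append(audit, AuditRecord{user, session, org, service, method})
			return secret
		})
		if firstErr != nil {
			return nil, nil, firstErr
		}
		out = append(out, name+"="+resolved)
	}
	return out, audit, nil
}

// NewDemoBroker wires a stand-in STS over constructed data: "github" supports
// token exchange, "stripe" only has a static key.
func NewDemoBroker() *Broker {
	const subject = "oidc-access-token-for-alice" // constructed
	return &Broker{
		SubjectToken: subject,
		Exchangeable: map[string]bool{"github": true},
		Static:       map[string]string{"stripe": "sk_test_constructed"},
		Exchange: func(form url.Values) (string, error) {
			if form.Get("grant_type") != tokenExchangeGrant {
				return "", errors.New("unsupported grant_type")
			}
			if form.Get("subject_token") != subject {
				return "", errors.New("subject_token rejected")
			}
			// A real STS would sign a token bound to this audience with a short expiry.
			return "short-lived-token-for-" + form.Get("audience"), nil
		},
	}
}

func main() {
	env := []string{"GITHUB_TOKEN={{kontext:github}}", "STRIPE_KEY={{kontext:stripe}}", "HOME=/home/agent"}
	resolved, audit, err := ResolveEnv(NewDemoBroker(), env, "alice", "sess-1", "acme")
	if err != nil {
		panic(err)
	}
	for _, a := range audit {
		fmt.Printf("audit: user=%s session=%s org=%s service=%s method=%s\n", a.User, a.Session, a.Org, a.Service, a.Method)
	}
	fmt.Println(len(resolved), "env entries ready for exec.Cmd.Env; nothing was written to disk")
}
```

The resolved slice is meant to be handed to `exec.Cmd.Env` for the agent process and then dropped; the audit records, not the secrets, are what gets streamed to the backend.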

Installation is straightforward via `brew install` or direct binary download, allowing immediate use with agents like Claude Code. The infrastructure for server-side policy enforcement, allowing or denying specific tool calls, is already wired into the system, promising tighter governance soon.