Skip to Content
Quickstart

Quickstart

Connect your agent to Relynt in under 30 minutes. No SDK required — it’s a single HTTP call.

Prerequisites

  • A Relynt account with an organization
  • Access to the Relynt dashboard
  • Your agent runtime (any language that can make HTTP requests)

Register an agent

Navigate to Agents → Register Agent in the dashboard. Give your agent a name and optional description. This creates an agent_id that identifies your agent across receipts, policies, and approvals.

Rotate a credential

On the agent’s Integration tab, click Rotate Credential. The plaintext secret is shown exactly once — copy it and store it in your secrets manager.

The secret cannot be retrieved after you close the modal. If you lose it, rotate again — the previous credential is automatically revoked.

Set environment variables

Add these to your agent’s runtime environment (Kubernetes secret, Lambda env, .env, etc.):

RELYNT_API_BASE_URL=https://your-relynt-instance
RELYNT_AGENT_ID=<from agent detail page>
RELYNT_AGENT_SECRET=<from rotation modal>

Never commit secrets to version control. Use a secrets manager or environment variables.

Call the gateway

Before your agent performs a write action, send a POST /v1/agent-tool-call request:

curl -X POST https://your-relynt-instance/v1/agent-tool-call \
  -H "Authorization: Bearer <agent_id>:<secret>" \
  -H "Idempotency-Key: $(uuidgen)" \
  -H "Content-Type: application/json" \
  -d '{
    "instance_id": "run-123",
    "action": "update_deal",
    "resource": "crm:deal:123",
    "payload": {
      "amount": 50000,
      "stage": "closed_won"
    }
  }'

Use a unique instance_id per agent run and a unique Idempotency-Key per request for safe retries.

Handle the decision

The response includes a decision field with one of three values:

{
  "decision": "allow",
  "receipt_id": "rec_abc123",
  "tool_response": { ... }
}
DecisionMeaningWhat to do
allowPolicy passed. Connector executed the action.Proceed — the action is done.
denyPolicy rejected the request.Do not proceed. Check reason for details.
pending_approvalA human approval was requested via Slack.Wait, poll, or use a fallback. Check approval_id.

View receipts

Every gateway call — allowed, denied, or pending — produces a signed, append-only receipt. View them at Receipts in the dashboard.

Each receipt includes:

  • Request hash (SHA-256 of the canonical request)
  • Policy version that was evaluated
  • HMAC signature for tamper detection
  • Approver identity (when applicable)

Use the receipt_id from the response for audit trails and debugging. You can verify any receipt’s integrity via the Verify button in the dashboard or the GET /v1/receipts/:id/verify endpoint.

What’s next

  • Policies — configure rules for your agent’s actions
  • Approvals — set up Slack-based human approvals
  • API Reference — full endpoint documentation
Last updated on
IntroductionAgents