Authentication

Thirdfy Agent CLI uses scoped credentials:

Email OTP first (recommended)

You do not need the Creator Platform to get started. Email onboarding bootstraps credentials directly:

# Step 1 — send OTP
thirdfy-agent login email you@example.com --json

# Step 2 — verify, accept terms, bootstrap agent + wallets
thirdfy-agent login email you@example.com --code "<otp>" --accept-terms --key-name "My Agent" --json

thirdfy-agent whoami --json
thirdfy-agent wallet list --json
thirdfy-agent help onboarding --json

On step 2, the CLI stores:

• Owner session in ~/.thirdfy/config.json
• A new agent API key when first-run bootstrap issues one
• executionWallets for supported chains
• Default runMode=agent_wallet for new solo profiles

Fund the execution wallet for the target chain before writes. The linked owner email wallet is for auth only. Do not fund it for Hyperliquid Bridge2 on the solo agent_wallet path.

Existing API key login

If you already have an agent API key (for example from Creator Platform):

thirdfy-agent login --auth-token "$THIRDFY_AUTH_TOKEN" --agent-api-key "$AGENT_API_KEY" --json
thirdfy-agent whoami --json

Execution-only — valid AGENT_API_KEY alone can run discovery + preflight + run + intent-status without THIRDFY_AUTH_TOKEN at runtime.

Thirdfy credits/free quota and Privy gas sponsorship are separate: Thirdfy credits gate access to execution, while Privy sponsorship covers network gas only when the chain/action is enabled and the app sponsorship balance is available.

Tables, logout semantics, and security notes: full CLI reference — Authentication model.