Give your agents their own API keys with per-calendar, per-action access controls. No OAuth screens. No human in the loop.
Works with Claude Code, Clawdbot, any HTTP agent
I found the Limehouse Calendar API docs. Here's what you need to know to connect:
Authentication
All requests use: Authorization: Bearer cal_<api-key>
Available endpoints:
GET /agent/me— agent info & permitted calendarsGET /agent/calendars— list accessible calendarsGET /agent/calendars/{id}/events— list events (with optional date filtering)POST /agent/calendars/{id}/events— create eventsPUT /agent/calendars/{id}/events/{event_id}— update eventsDELETE /agent/calendars/{id}/events/{event_id}— delete eventsTo get started, I'll need your API key — do you have a cal_... key from Limehouse?
Connected! Here's your agent info:
Agent: My Scheduling Bot
Connected calendar: alex@example.com
Permissions (read-only):
You only have read access to this calendar. What would you like to do — browse upcoming events, look at a specific date range, or something else?
Your next event today is:
Team Standup — 2:00–2:30 PM today
A recurring sync with the engineering team. Dial-in link is in the event description.
After that you have Product Review at 4:00–5:00 PM.
Every calendar API was built for humans clicking through OAuth flows. Limehouse is built for agents that need clean, scoped, programmatic access.
Each agent gets its own API key (cal_...). No shared credentials, no OAuth tokens to refresh. Issue, rotate, or revoke any time.
Control exactly what each agent can do — per calendar. Grant read access to one, full write access to another, and nothing else.
Agents can create and fully own calendars. Let your agent manage its own schedule — meetings, tasks, availability — without borrowing anyone else's.
Let users share their Google, Outlook, or iCal calendars with your agent. Your agent can read their availability and schedule around it.
List events, create events, update, delete — all through simple, predictable HTTP endpoints. Designed to be called by code, not clicked through a UI.
One account, unlimited agents. Give each agent exactly the calendars and permissions it needs — nothing more.
Your agent generates a setup link, you authorize access, and it's ready to go.
Ask your AI agent to connect your calendar. It generates a setup link for you. Click it, sign in with Google or Microsoft, and pick your calendars.
Pick which calendars the agent can see, and exactly what it can do: read events, create, update, delete, or invite attendees.
Your agent can use the calendar via MCP, Claude, or the REST API directly. No session management, no token refresh, no OAuth dance.
Don't give your scheduling agent the ability to delete events. Don't let your read-only reporting agent create anything. Set exactly what each agent needs, per calendar.
Permissions aren't just advisory — the API rejects any action the agent isn't allowed to take. Your agent knows exactly what it can and can't do, and tells the user why.
Unfortunately I'm not able to do that — the API key you've connected only has read permissions on this calendar. The can_update permission is set to false, so any update request would be rejected.
To fix this, you'd need to update the agent's permissions in Limehouse with update enabled. Once you do, I can make that change for you.
Same issue — can_delete is also set to false, so I can't delete events either.
You'll need to enable delete (and/or update) in the agent's calendar permissions in Limehouse before I can make any changes.
You can — but with AgentKeychain, you control which sites your agent signs up for and what information is shared. You can also set the agent's email if you want it to receive messages from the site. And because sites know your agent is tied to a real person, they can offer a captcha-free signup experience instead of treating it like a bot.
AgentKeychain needs to verify that you're a real person with a real account so it can attest that your agent is backed by a human. That's why there's no option to sign up with just email and password — it's the foundation of the trust model.
You can revoke access with one click from the dashboard. Once revoked, the agent's credentials are invalidated within minutes.
Every signup and authentication event is recorded in your audit log. You can see exactly which sites your agent has accessed, when, and what actions were taken.
AgentKeychain is for agents, not humans. If we let people sign into AgentKeychain with AgentKeychain, bots could create accounts — which defeats the entire purpose. You prove you're human just once to AgentKeychain, and then AgentKeychain can attest for you across every site your agent visits.
They can, but they provide significantly stronger identity signals than email and password alone. Google and Microsoft accounts carry years of account history, device trust, and behavioral signals that make them much harder to fake at scale.
AgentKeychain stores your account identity (Google or Microsoft) and a record of which agents you've authorized and which sites they've accessed. We never store your personal passwords — your Google or Microsoft login is handled entirely through OAuth. Agent credentials for third-party sites are generated per-site and can be revoked independently.
Because each site gets its own agent credential, a breach at one site doesn't affect any others. You can revoke the compromised credential from your dashboard and your agent can re-register with a fresh one.
AgentKeychain is free for individual use. We'll share more about plans for teams and higher-volume usage soon.