# Security & Auth

> Secure your AgentOS with authentication and authorization.

AgentOS supports two security modes:

| Mode                            | When to use                                                     |
| ------------------------------- | --------------------------------------------------------------- |
| **Authorization** (Recommended) | Production. JWTs prove identity and scopes control permissions. |
| **Basic Authentication**        | Development. A shared key proves identity.                      |

## Authorization

AgentOS validates JWT tokens and checks scopes against required permissions for each endpoint. Enable it with `authorization=True`:

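```python
from agno.agent import Agent
from agno.os import AgentOS

# Placeholder agent so the snippet is self-contained; use your own agent here.
my_agent = Agent(name="my-agent")

agent_os = AgentOS(
    id="my-agent-os",
    agents=[my_agent],
    authorization=True,  # validate JWTs and check scopes on each endpoint
)
```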

Tokens can be issued by the AgentOS control plane, your own backend, or a third-party identity provider like WorkOS, Auth0, or Okta. Requests without a valid JWT return `401 Unauthorized`; requests with insufficient scopes return `403 Forbidden`.

See [Authorization](/agent-os/security/authorization/overview) for the full setup.
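
The 401/403 split described above, sketched with the Python standard library only. This is an added illustration, not AgentOS code: HS256 signing, the `scopes` claim name, the `demo:run` scope and the helper names `issue`, `verify` and `decide` are assumptions made for the example.

```python
import base64, hashlib, hmac, json
from typing import Optional

SECRET = b"constructed-demo-signing-key"     # constructed value, not a real key

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(claims: dict, secret: bytes = SECRET, alg: str = "HS256") -> str:
    """Issuer side of the demo: build a compact JWT signed with HMAC-SHA256."""
    head = b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(sig)}"

def verify(token: str, secret: bytes, now: float) -> Optional[dict]:
    """Return the claims only if algorithm, signature and expiry all check out."""
    try:
        head, body, sig = token.split(".")
        if json.loads(b64url_decode(head)).get("alg") != "HS256":
            return None                      # pinned algorithm; rejects "none"
        good = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, b64url_decode(sig)):
            return None                      # forged or wrong-key signature
        claims = json.loads(b64url_decode(body))
        exp = claims.get("exp")
    except (ValueError, AttributeError):     # malformed token, header or payload
        return None
    if not isinstance(exp, (int, float)) or exp <= now:
        return None                          # missing or expired "exp"
    return claims

def decide(auth_header: Optional[str], required_scope: str, now: float,
           secret: bytes = SECRET) -> int:
    """Map a request to 200, 401 (no valid JWT) or 403 (valid JWT, missing scope)."""
    scheme, _, token = (auth_header or "").partition(" ")
    if scheme.lower() != "bearer":
        return 401
    claims = verify(token.strip(), secret, now)
    if claims is None:
        return 401
    scopes = claims.get("scopes")            # claim name is an assumption
    return 200 if isinstance(scopes, list) and required_scope in scopes else 403
```

Authentication failures (missing header, bad signature, unexpected algorithm, expired token) all collapse to `401` before any scope is read, so a `403` is only ever returned to a caller whose token has already been verified.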

## Basic Authentication

Set a shared secret in the `OS_SECURITY_KEY` environment variable:

```bash
export OS_SECURITY_KEY="your-secret-key"
```

Requests without a valid `Authorization: Bearer <key>` header return `401 Unauthorized`. This is the simplest path to a protected AgentOS, suitable for local development or single-team prototypes.

For production deployments, use [Authorization](#authorization) instead.

## Next Steps

<CardGroup cols={2}>
  <Card title="Authorization" icon="lock" href="/agent-os/security/authorization/overview">
    JWT validation, scopes, roles, and per-user data isolation.
  </Card>

  <Card title="JWT Middleware" icon="key" href="/agent-os/middleware/jwt">
    Token sources, claim extraction, and parameter injection.
  </Card>
</CardGroup>
