One API call to create a repo and a scoped token. No linking GitHub accounts, no user onboarding. Just git clone and go.
import { CommitKey } from '@commitkey/sdk'
const commitKey = new CommitKey()
// create a new repository in CommitKey
const repo = await commitKey.repo.create({
name: 'my-repo',
template: 'commitkey/vite-shadcn-tailwind'
})
// get a url that provides temporary access to the repo
const access = await repo.issueToken()
// use the git url to securely interact with the repo
sandbox.exec(`git clone ${access.gitUrl}`)When you integrate GitHub into your AI platform, you're forcing users into a competitor's ecosystem and creating security nightmares.
Every AI project creates repos in users' personal GitHub accounts, cluttering their profiles with thousands of unwanted repositories.
Users must create GitHub accounts, authorize your app, and manage OAuth tokens. Every step is friction that drives users away.
Sandboxes get broad GitHub tokens that can access any repo. One prompt injection and your agent is cloning private company code.
Users are inundated with ads for GitHub's competing offerings like Copilot, Codespaces, and Actions.
Users need GitHub accounts
Every user must create and manage a GitHub account
OAuth complexity
Complex authorization flows that users abandon
Account pollution
Thousands of repos cluttering user profiles
Overbroad permissions
Sandboxes can access any repo with broad tokens
No user accounts needed
Users never leave your platform
Zero OAuth friction
Direct API integration, no authorization flows
Org-owned repos
All repos live under your platform's namespace
Single-repo tokens
Each sandbox gets exactly one repo, scoped access
Watch how an AI coding assistant uses CommitKey to manage code across multiple projects without any user friction.
A user opens your AI coding assistant and asks to build a React app. Behind the scenes, your platform needs to create a repository for the AI to work with.
"Build me a React todo app with TypeScript and Tailwind CSS"
Your backend makes a single API call to CommitKey, creating a new repository under your organization's namespace. No user account needed.
CommitKey generates a time-limited token that gives the AI agent access to exactly this one repository, with full audit trail.
The AI agent uses standard Git commands to clone, commit, and push code. Every action is logged and attributed to the specific agent and session.
Your user gets a fully functional React app without ever leaving your platform or creating external accounts.
No OAuth flows, no account creation, no external redirects
Single-repo tokens, time-boxed access, complete audit trail
All repositories live under your organization's namespace
Insights, tutorials, and updates about Git infrastructure for AI agents and SaaS platforms.
