Bring your own keys

When a platform sits between you and the tools you depend on, two questions decide whether you can actually adopt it: whose accounts are these and who can see the secrets. ModuleX answers both the same way — they're yours, and almost no one.

Your accounts, your bill

ModuleX is designed to run on credentials you bring. Connect your own model providers and tool accounts, and usage is billed by those providers directly, with no ModuleX markup on it. You start fast on ModuleX-managed options if you want, and move to your own setup the moment you're ready — without re-architecting anything.

The practical effect: your model choice and your costs stay where they belong. ModuleX orchestrates the work; it doesn't insert itself into your vendor relationships.

Secrets your team never has to touch

"Bring your own keys" is only useful if the keys don't then leak across your team. So the connection model is built around a separation:

• You connect a tool once — an API key, OAuth, or a token, depending on the tool.
• ModuleX encrypts it and scopes it to your organization.
• Your teammates can run approved work against that integration without ever seeing the underlying key.

That's the part that makes this safe to roll out beyond one admin. The person who connects Stripe isn't the same person who later asks an agent to reconcile yesterday's charges — and they don't need to be, because the credential is an org-level capability, not a secret passed around in a doc.

Why this matters for agents specifically

An agent acting on your behalf is exactly the case where credential hygiene can't be an afterthought. Because the agent runs as your organization against scoped, encrypted keys — and can pause for approval before sensitive actions — "let an agent do it" doesn't mean "hand an agent your secrets." It means the agent gets a scoped capability and a leash, and you get the audit trail.

Bring your own keys. Keep your own control. Let the work happen in between.