A Trident project is the top-level workspace that groups everything related to a single agent system or environment — the agents you instrument, the findings Trident discovers, the API keys your SDK uses to authenticate, and the team members who have access. Most organizations create one project per environment (for example, my-agent-staging and my-agent-production) so that findings, keys, and settings stay cleanly separated between deployment tiers.
Create a project
Navigate to the Trident dashboard and click New Project in the top navigation or the project selector. Enter a name that reflects the environment or agent system, then click Create. Your new project opens immediately with an empty findings view and a freshly generated pair of API keys.
API keys
Every project has exactly two keys. You use them together to authenticate any request to the Trident REST API, the gateway, or the SDK.
| Key | Dashboard label | Role |
|---|
| Public Key | projectPk | Identifies your project. Safe to include in server-side environment variables and SDK initialization. |
| Secret Key | projectSk | Acts as your password. Never commit this to source control or expose it in client-side code. |
Find your API keys
Go to Settings → API Keys inside your project. The Public Key is shown in plain text. The Secret Key is masked by default — click Reveal to copy it.
Authenticate REST API requests
Trident’s REST API uses HTTP Basic authentication. Encode your keys as publicKey:secretKey in Base64 and pass the result in the Authorization header:
# Encode your credentials
echo -n "your_public_key:your_secret_key" | base64
# → eW91cl9wdWJsaWNfa2V5OnlvdXJfc2VjcmV0X2tleQ==
# Use the encoded value in requests
curl https://app.usetrident.dev/api/public/trident/findings \
-H "Authorization: Basic eW91cl9wdWJsaWNfa2V5OnlvdXJfc2VjcmV0X2tleQ=="
Environment variable names
Use these names consistently across your infrastructure and CI system:
TRIDENT_PROJECT_PUBLIC_KEY=your_public_key
TRIDENT_PROJECT_SECRET_KEY=your_secret_key
Rotate your keys
If you suspect a key has been leaked, rotate it immediately:
- Go to Settings → API Keys
- Click Regenerate next to the key you want to rotate
- Confirm the rotation — the old key is invalidated immediately
- Update the new key in every environment, service, and CI secret that uses it
There is no grace period. Any request using the old key will receive a 401 Unauthorized response as soon as you regenerate.
Manage team members
Invite colleagues to your project by going to Settings → Members → Invite by email. Enter the email address and select a role:
| Role | Capabilities |
|---|
| Admin | Full access: manage settings, integrations, API keys, and members |
| Member | Create and triage findings, run evaluations, configure Signals and Scorers |
| Viewer | Read-only access to findings, traces, and dashboard data |
Use multiple projects
You can create as many projects as you need. Common patterns include:
- Per-environment separation —
my-agent-staging and my-agent-production with separate API keys, so a staging finding never pollutes the production findings view
- Per-team separation — one project per agent team so each team manages their own keys and alert destinations
- Per-integration testing — a short-lived project for a red-team engagement or an evaluation sprint
Never expose your Secret Key in client-side code, browser environments, or public repositories. If a Secret Key is compromised, rotate it immediately from Settings → API Keys. Trident cannot recover or audit requests made with a leaked key after the fact.