> ## Documentation Index > Fetch the complete documentation index at: https://phidatainc-agui.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # AgentOS Security > Secure your AgentOS with authentication and authorization. AgentOS supports two security modes: | Mode | When to use | | ------------------------ | ------------------------------------------------------------------ | | **Basic Authentication** | Simple key validation for development. | | **Authorization** | JWT-powered authorization with fine-grained scopes for production. | ## Basic Authentication Set the `OS_SECURITY_KEY` environment variable in your `.env` file or export it directly in your terminal: ```bash theme={null} export OS_SECURITY_KEY="your-secret-key" ``` Requests without a valid `Authorization: Bearer ` header return `401 Unauthorized`. ## Authorization Authorization validates JWT tokens and checks scopes against required permissions for each endpoint. Enable it with `authorization=True`: ```python theme={null} from agno.os import AgentOS agent_os = AgentOS( id="my-agent-os", agents=[my_agent], authorization=True, ) ``` Set the `JWT_VERIFICATION_KEY` environment variable to your public key in your `.env` file or export it directly in your terminal: ```bash theme={null} export JWT_VERIFICATION_KEY="your-public-key" ``` Requests without a valid JWT return `401 Unauthorized`. Requests with insufficient scopes return `403 Forbidden`. See [Authorization](/agent-os/security/authorization/overview) for the full setup flow, scope reference, and endpoint mappings. JWT validation, scopes, roles, and per-user data isolation. Token sources, claim extraction, and parameter injection.