> **Building with AI coding agents?** Install the authstack plugin with one command. This equips your agent with accurate Scalekit implementation patterns.
>
> **Recommended**:
> ```bash
> npx @scalekit-inc/cli setup
> ```
>
> Global:
> ```bash
> npm install -g @scalekit-inc/cli
> scalekit setup
> ```
>
> Supports Claude Code, Cursor, GitHub Copilot, Codex + skills for 40+ agents.
> Features: full-stack-auth, agent-auth, mcp-auth, modular-sso, modular-scim.
> [Full setup guide](https://docs.scalekit.com/dev-kit/build-with-ai/)

---

# AgentKit launch checklist

Verify your AgentKit integration is production-ready before going live.
Use this checklist before moving your AgentKit integration to production.

## Environment and credentials

- [ ] Switch to the production environment in the Scalekit dashboard
- [ ] Set `SCALEKIT_ENV_URL`, `SCALEKIT_CLIENT_ID`, and `SCALEKIT_CLIENT_SECRET` to production values, not dev or staging

## Connections

- [ ] All connectors your agent uses are configured in the production environment
- [ ] Each connection shows as active in the dashboard
- [ ] Connection names used in code match the names in the dashboard exactly

## Connector OAuth apps (if you registered your own app)

Complete this section for any connector where you registered the OAuth app yourself in the provider's console. Providers create new OAuth apps in a development or test mode that authorizes only the account that created the app. The connection works while you build and test with your own account, then fails for customer tenants in production — for example, Airtable returns "OAuth app can't be used outside development," and ZoomInfo requires a partner application rather than a custom (internal) app for cross-account access.

- [ ] Provider OAuth app is promoted out of development or test mode (published, production, or partner — depending on the provider) so accounts outside your own can authorize
- [ ] Provider app profile is complete where the provider requires it before publishing (logo, terms of service, privacy policy — for example, Airtable Builder Hub)
- [ ] After promoting the app, `client_id`, `client_secret`, redirect URI, and scopes still match between the provider and Scalekit (promotion can rotate the `client_id`)
- [ ] Authorization tested with an account outside the workspace that created the app, not only your own test account

## Authorization and connected accounts

- [ ] End-to-end authorization flow tested with a real user account in production
- [ ] Connected accounts created and verified for at least one test user
- [ ] Magic link generation and redirect tested (OAuth connectors)
- [ ] Re-authorization flow tested: verify behavior when a token expires or is revoked

## Security

- [ ] MCP URLs are generated and consumed server-side only; never passed to or generated in client-side code
- [ ] `identifier` values passed to Tool Proxy are tied to authenticated users, not shared, static, or guessable
- [ ] Session tokens are minted fresh before each agent run and not reused across sessions

## Custom connector (if applicable)

- [ ] Connector definition promoted from Dev to Production (see [Create your own connector](/agentkit/bring-your-own-connector/create-connector))
- [ ] Auth pattern validated with a real connected account in production
- [ ] Tool Proxy calls return expected responses against the production upstream API

## Go live

- [ ] Custom domain configured and SSL verified (see [Custom domain](/agentkit/advanced/custom-domain))


---

## More Scalekit documentation

| Resource | What it contains | When to use it |
|----------|-----------------|----------------|
| [/llms.txt](/llms.txt) | Structured index with routing hints per product area | Start here — find which documentation set covers your topic before loading full content |
| [/llms-full.txt](/llms-full.txt) | Complete documentation for all Scalekit products in one file | Use when you need exhaustive context across multiple products or when the topic spans several areas |
| [sitemap-0.xml](https://docs.scalekit.com/sitemap-0.xml) | Full URL list of every documentation page | Use to discover specific page URLs you can fetch for targeted, page-level answers |
