From c668213adbd7f38a2590cc8cf3f1fdc7192e6a5f Mon Sep 17 00:00:00 2001
From: Travis Fischer <fisch0920@gmail.com>
Date: Wed, 2 Jul 2025 12:13:56 -0500
Subject: [PATCH 1/3] feat: rename consumer token to api key in most places

---
 ...en.ts => admin-get-consumer-by-api-key.ts} |  20 ++--
 ...r-token.ts => refresh-consumer-api-key.ts} |  12 +-
 apps/api/src/api-v1/consumers/schemas.ts      |   8 +-
 apps/api/src/api-v1/index.ts                  |   8 +-
 apps/api/src/db/schema/consumer.ts            |   3 +-
 .../upsert-consumer-stripe-checkout.ts        |   4 +-
 apps/api/src/lib/consumers/upsert-consumer.ts |   4 +-
 apps/api/src/lib/create-consumer-api-key.ts   |   5 +
 apps/api/src/lib/create-consumer-token.ts     |   5 -
 apps/gateway/src/lib/get-admin-consumer.ts    |  29 +++--
 apps/web/src/components/example-usage.tsx     |   8 +-
 apps/web/src/lib/developer-config.ts          | 105 +++++++++++-------
 packages/api-client/src/agentic-api-client.ts |  22 ++--
 packages/types/src/openapi.d.ts               |  20 ++--
 todo.md                                       |   4 +-
 15 files changed, 154 insertions(+), 103 deletions(-)
 rename apps/api/src/api-v1/consumers/{admin-get-consumer-by-token.ts => admin-get-consumer-by-api-key.ts} (68%)
 rename apps/api/src/api-v1/consumers/{refresh-consumer-token.ts => refresh-consumer-api-key.ts} (83%)
 create mode 100644 apps/api/src/lib/create-consumer-api-key.ts
 delete mode 100644 apps/api/src/lib/create-consumer-token.ts

diff --git a/apps/api/src/api-v1/consumers/admin-get-consumer-by-token.ts b/apps/api/src/api-v1/consumers/admin-get-consumer-by-api-key.ts
similarity index 68%
rename from apps/api/src/api-v1/consumers/admin-get-consumer-by-token.ts
rename to apps/api/src/api-v1/consumers/admin-get-consumer-by-api-key.ts
index ee8bf763..d8a3acdc 100644
--- a/apps/api/src/api-v1/consumers/admin-get-consumer-by-token.ts
+++ b/apps/api/src/api-v1/consumers/admin-get-consumer-by-api-key.ts
@@ -10,18 +10,20 @@ import {
   openapiErrorResponses
 } from '@/lib/openapi-utils'
 
-import { consumerTokenParamsSchema, populateConsumerSchema } from './schemas'
+import { consumerApiKeyParamsSchema, populateConsumerSchema } from './schemas'
 import { setAdminCacheControlForConsumer } from './utils'
 
 const route = createRoute({
-  description: 'Gets a consumer by API token. This route is admin-only.',
+  description: 'Gets a consumer by API key. This route is admin-only.',
   tags: ['admin', 'consumers'],
-  operationId: 'adminGetConsumerByToken',
+  operationId: 'adminGetConsumerByApiKey',
   method: 'get',
-  path: 'admin/consumers/tokens/{token}',
+  // TODO: is it wise to use a path param for the API key? especially wehn it'll
+  // be cached in cloudflare's shared cache?
+  path: 'admin/consumers/api-keys/{apiKey}',
   security: openapiAuthenticatedSecuritySchemas,
   request: {
-    params: consumerTokenParamsSchema,
+    params: consumerApiKeyParamsSchema,
     query: populateConsumerSchema
   },
   responses: {
@@ -38,21 +40,21 @@ const route = createRoute({
   }
 })
 
-export function registerV1AdminGetConsumerByToken(
+export function registerV1AdminGetConsumerByApiKey(
   app: OpenAPIHono<AuthenticatedHonoEnv>
 ) {
   return app.openapi(route, async (c) => {
-    const { token } = c.req.valid('param')
+    const { apiKey } = c.req.valid('param')
     const { populate = [] } = c.req.valid('query')
     await aclAdmin(c)
 
     const consumer = await db.query.consumers.findFirst({
-      where: eq(schema.consumers.token, token),
+      where: eq(schema.consumers.token, apiKey),
       with: {
         ...Object.fromEntries(populate.map((field) => [field, true]))
       }
     })
-    assert(consumer, 404, `API token not found "${token}"`)
+    assert(consumer, 404, `API key not found "${apiKey}"`)
 
     setAdminCacheControlForConsumer(c, consumer)
     return c.json(parseZodSchema(schema.consumerAdminSelectSchema, consumer))
diff --git a/apps/api/src/api-v1/consumers/refresh-consumer-token.ts b/apps/api/src/api-v1/consumers/refresh-consumer-api-key.ts
similarity index 83%
rename from apps/api/src/api-v1/consumers/refresh-consumer-token.ts
rename to apps/api/src/api-v1/consumers/refresh-consumer-api-key.ts
index f5eb66a3..028134e0 100644
--- a/apps/api/src/api-v1/consumers/refresh-consumer-token.ts
+++ b/apps/api/src/api-v1/consumers/refresh-consumer-api-key.ts
@@ -4,7 +4,7 @@ import { createRoute, type OpenAPIHono } from '@hono/zod-openapi'
 import type { AuthenticatedHonoEnv } from '@/lib/types'
 import { db, eq, schema } from '@/db'
 import { acl } from '@/lib/acl'
-import { createConsumerToken } from '@/lib/create-consumer-token'
+import { createConsumerApiKey } from '@/lib/create-consumer-api-key'
 import {
   openapiAuthenticatedSecuritySchemas,
   openapiErrorResponse404,
@@ -14,11 +14,11 @@ import {
 import { consumerIdParamsSchema } from './schemas'
 
 const route = createRoute({
-  description: "Refreshes a consumer's API token.",
+  description: "Refreshes a consumer's API key.",
   tags: ['consumers'],
-  operationId: 'refreshConsumerToken',
+  operationId: 'refreshConsumerApiKey',
   method: 'post',
-  path: 'consumers/{consumerId}/refresh-token',
+  path: 'consumers/{consumerId}/refresh-api-key',
   security: openapiAuthenticatedSecuritySchemas,
   request: {
     params: consumerIdParamsSchema
@@ -37,7 +37,7 @@ const route = createRoute({
   }
 })
 
-export function registerV1RefreshConsumerToken(
+export function registerV1RefreshConsumerApiKey(
   app: OpenAPIHono<AuthenticatedHonoEnv>
 ) {
   return app.openapi(route, async (c) => {
@@ -53,7 +53,7 @@ export function registerV1RefreshConsumerToken(
     ;[consumer] = await db
       .update(schema.consumers)
       .set({
-        token: await createConsumerToken()
+        token: await createConsumerApiKey()
       })
       .where(eq(schema.consumers.id, consumer.id))
       .returning()
diff --git a/apps/api/src/api-v1/consumers/schemas.ts b/apps/api/src/api-v1/consumers/schemas.ts
index a047d8a0..b02ed4ad 100644
--- a/apps/api/src/api-v1/consumers/schemas.ts
+++ b/apps/api/src/api-v1/consumers/schemas.ts
@@ -17,14 +17,14 @@ export const consumerIdParamsSchema = z.object({
   })
 })
 
-export const consumerTokenParamsSchema = z.object({
-  token: z
+export const consumerApiKeyParamsSchema = z.object({
+  apiKey: z
     .string()
     .nonempty()
     .openapi({
       param: {
-        description: 'Consumer token',
-        name: 'token',
+        description: 'Consumer API key',
+        name: 'apiKey',
         in: 'path'
       }
     })
diff --git a/apps/api/src/api-v1/index.ts b/apps/api/src/api-v1/index.ts
index 831f397a..507441e8 100644
--- a/apps/api/src/api-v1/index.ts
+++ b/apps/api/src/api-v1/index.ts
@@ -11,7 +11,7 @@ import { registerV1GitHubOAuthInitFlow } from './auth/github-init'
 import { registerV1SignInWithPassword } from './auth/sign-in-with-password'
 import { registerV1SignUpWithPassword } from './auth/sign-up-with-password'
 import { registerV1AdminActivateConsumer } from './consumers/admin-activate-consumer'
-import { registerV1AdminGetConsumerByToken } from './consumers/admin-get-consumer-by-token'
+import { registerV1AdminGetConsumerByApiKey } from './consumers/admin-get-consumer-by-api-key'
 import { registerV1CreateBillingPortalSession } from './consumers/create-billing-portal-session'
 import { registerV1CreateConsumer } from './consumers/create-consumer'
 import { registerV1CreateConsumerBillingPortalSession } from './consumers/create-consumer-billing-portal-session'
@@ -20,7 +20,7 @@ import { registerV1GetConsumer } from './consumers/get-consumer'
 import { registerV1GetConsumerByProjectIdentifier } from './consumers/get-consumer-by-project-identifier'
 import { registerV1ListConsumers } from './consumers/list-consumers'
 import { registerV1ListConsumersForProject } from './consumers/list-project-consumers'
-import { registerV1RefreshConsumerToken } from './consumers/refresh-consumer-token'
+import { registerV1RefreshConsumerApiKey } from './consumers/refresh-consumer-api-key'
 import { registerV1UpdateConsumer } from './consumers/update-consumer'
 import { registerV1AdminGetDeploymentByIdentifier } from './deployments/admin-get-deployment-by-identifier'
 import { registerV1CreateDeployment } from './deployments/create-deployment'
@@ -119,7 +119,7 @@ registerV1CreateConsumer(privateRouter)
 registerV1CreateConsumerCheckoutSession(privateRouter)
 registerV1CreateConsumerBillingPortalSession(privateRouter)
 registerV1UpdateConsumer(privateRouter)
-registerV1RefreshConsumerToken(privateRouter)
+registerV1RefreshConsumerApiKey(privateRouter)
 registerV1ListConsumers(privateRouter)
 registerV1ListConsumersForProject(privateRouter)
 
@@ -133,7 +133,7 @@ registerV1ListDeployments(privateRouter)
 registerV1PublishDeployment(privateRouter)
 
 // Internal admin routes
-registerV1AdminGetConsumerByToken(privateRouter)
+registerV1AdminGetConsumerByApiKey(privateRouter)
 registerV1AdminActivateConsumer(privateRouter)
 registerV1AdminGetDeploymentByIdentifier(privateRouter)
 
diff --git a/apps/api/src/db/schema/consumer.ts b/apps/api/src/db/schema/consumer.ts
index 42af75a0..e45c9ba8 100644
--- a/apps/api/src/db/schema/consumer.ts
+++ b/apps/api/src/db/schema/consumer.ts
@@ -54,7 +54,8 @@ export const consumers = pgTable(
     ...consumerPrimaryId,
     ...timestamps,
 
-    // API token for this consumer
+    // API key for this consumer
+    // (called "token" for backwards compatibility)
     token: text().notNull(),
 
     // The slug of the PricingPlan in the target deployment that this consumer
diff --git a/apps/api/src/lib/consumers/upsert-consumer-stripe-checkout.ts b/apps/api/src/lib/consumers/upsert-consumer-stripe-checkout.ts
index f5fdb39b..b0e8e5ea 100644
--- a/apps/api/src/lib/consumers/upsert-consumer-stripe-checkout.ts
+++ b/apps/api/src/lib/consumers/upsert-consumer-stripe-checkout.ts
@@ -14,7 +14,7 @@ import { acl } from '@/lib/acl'
 import { upsertStripeConnectCustomer } from '@/lib/billing/upsert-stripe-connect-customer'
 import { upsertStripeCustomer } from '@/lib/billing/upsert-stripe-customer'
 import { upsertStripePricingResources } from '@/lib/billing/upsert-stripe-pricing-resources'
-import { createConsumerToken } from '@/lib/create-consumer-token'
+import { createConsumerApiKey } from '@/lib/create-consumer-api-key'
 
 import { aclPublicProject } from '../acl-public-project'
 import { createStripeCheckoutSession } from '../billing/create-stripe-checkout-session'
@@ -174,7 +174,7 @@ export async function upsertConsumerStripeCheckout(
         userId,
         projectId,
         deploymentId,
-        token: await createConsumerToken(),
+        token: await createConsumerApiKey(),
         _stripeCustomerId: stripeCustomer.id
       })
       .returning()
diff --git a/apps/api/src/lib/consumers/upsert-consumer.ts b/apps/api/src/lib/consumers/upsert-consumer.ts
index 73765b43..1069be82 100644
--- a/apps/api/src/lib/consumers/upsert-consumer.ts
+++ b/apps/api/src/lib/consumers/upsert-consumer.ts
@@ -7,7 +7,7 @@ import { upsertStripeConnectCustomer } from '@/lib/billing/upsert-stripe-connect
 import { upsertStripeCustomer } from '@/lib/billing/upsert-stripe-customer'
 import { upsertStripePricingResources } from '@/lib/billing/upsert-stripe-pricing-resources'
 import { upsertStripeSubscription } from '@/lib/billing/upsert-stripe-subscription'
-import { createConsumerToken } from '@/lib/create-consumer-token'
+import { createConsumerApiKey } from '@/lib/create-consumer-api-key'
 
 import { aclPublicProject } from '../acl-public-project'
 
@@ -164,7 +164,7 @@ export async function upsertConsumer(
         userId,
         projectId,
         deploymentId,
-        token: await createConsumerToken(),
+        token: await createConsumerApiKey(),
         _stripeCustomerId: stripeCustomer.id
       })
       .returning()
diff --git a/apps/api/src/lib/create-consumer-api-key.ts b/apps/api/src/lib/create-consumer-api-key.ts
new file mode 100644
index 00000000..aaf4f182
--- /dev/null
+++ b/apps/api/src/lib/create-consumer-api-key.ts
@@ -0,0 +1,5 @@
+import { sha256 } from '@agentic/platform-core'
+
+export async function createConsumerApiKey(): Promise<string> {
+  return `sk-${sha256()}`
+}
diff --git a/apps/api/src/lib/create-consumer-token.ts b/apps/api/src/lib/create-consumer-token.ts
deleted file mode 100644
index ae2ddf73..00000000
--- a/apps/api/src/lib/create-consumer-token.ts
+++ /dev/null
@@ -1,5 +0,0 @@
-import { sha256 } from '@agentic/platform-core'
-
-export async function createConsumerToken(): Promise<string> {
-  return sha256()
-}
diff --git a/apps/gateway/src/lib/get-admin-consumer.ts b/apps/gateway/src/lib/get-admin-consumer.ts
index a33bfd13..4fc65dbd 100644
--- a/apps/gateway/src/lib/get-admin-consumer.ts
+++ b/apps/gateway/src/lib/get-admin-consumer.ts
@@ -1,17 +1,32 @@
-import { assert } from '@agentic/platform-core'
+import { assert, HttpError } from '@agentic/platform-core'
 
 import type { AdminConsumer, GatewayHonoContext } from './types'
 
 export async function getAdminConsumer(
   ctx: GatewayHonoContext,
-  token: string
+  apiKey: string
 ): Promise<AdminConsumer> {
   const client = ctx.get('client')
-  const consumer = await client.adminGetConsumerByToken({
-    token,
-    populate: ['user']
-  })
-  assert(consumer, 404, `API token not found "${token}"`)
+  let consumer: AdminConsumer | undefined
 
+  try {
+    consumer = await client.adminGetConsumerByApiKey({
+      apiKey,
+      populate: ['user']
+    })
+  } catch (err: any) {
+    if (err.response?.status === 404) {
+      // Hide the underlying error message from the client
+      throw new HttpError({
+        statusCode: 404,
+        message: `API key not found "${apiKey}"`,
+        cause: err
+      })
+    }
+
+    throw err
+  }
+
+  assert(consumer, 404, `API key not found "${apiKey}"`)
   return consumer
 }
diff --git a/apps/web/src/components/example-usage.tsx b/apps/web/src/components/example-usage.tsx
index 525aa795..1abc176b 100644
--- a/apps/web/src/components/example-usage.tsx
+++ b/apps/web/src/components/example-usage.tsx
@@ -35,11 +35,13 @@ export function ExampleUsage({
   projectIdentifier,
   project: initialProject,
   tool,
+  apiKey,
   initialCodeBlock
 }: {
   projectIdentifier: string
   project?: Project
   tool?: string
+  apiKey?: string
   initialCodeBlock?: JSX.Element
 }) {
   const ctx = useAgentic()
@@ -105,6 +107,7 @@ export function ExampleUsage({
       <ExampleUsageContent
         projectIdentifier={projectIdentifier}
         tool={tool}
+        apiKey={apiKey}
         initialCodeBlock={initialCodeBlock}
         isLoading={isLoading}
         isError={isError}
@@ -119,6 +122,7 @@ export function ExampleUsage({
 function ExampleUsageContent({
   projectIdentifier,
   tool,
+  apiKey,
   initialCodeBlock,
   isLoading,
   isError,
@@ -128,6 +132,7 @@ function ExampleUsageContent({
 }: {
   projectIdentifier: string
   tool?: string
+  apiKey?: string
   initialCodeBlock?: JSX.Element
   isLoading: boolean
   isError: boolean
@@ -156,7 +161,8 @@ function ExampleUsageContent({
     project,
     deployment,
     identifier: projectIdentifier,
-    tool
+    tool,
+    apiKey
   })
 
   return (
diff --git a/apps/web/src/lib/developer-config.ts b/apps/web/src/lib/developer-config.ts
index d12da764..1f93132a 100644
--- a/apps/web/src/lib/developer-config.ts
+++ b/apps/web/src/lib/developer-config.ts
@@ -97,6 +97,7 @@ export type GetCodeForDeveloperConfigOpts = {
   deployment: Deployment
   identifier: string
   tool?: string
+  apiKey?: string
 }
 
 type GetCodeForDeveloperConfigInnerOpts = Simplify<
@@ -169,7 +170,8 @@ export function getCodeForTSFrameworkConfig({
   config,
   identifier,
   prompt,
-  systemPrompt
+  systemPrompt,
+  apiKey
 }: GetCodeForDeveloperConfigInnerOpts): CodeSnippet {
   switch (config.tsFrameworkTarget) {
     case 'ai':
@@ -180,7 +182,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { openai } from '@ai-sdk/openai'
 import { generateText } from 'ai'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const result = await generateText({
   model: openai('gpt-4o-mini'),
@@ -201,7 +209,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import OpenAI from 'openai'
 
 const openai = new OpenAI()
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 // This example uses OpenAI's Chat Completions API
 const res = await openai.chat.completions.create({
@@ -232,7 +246,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import OpenAI from 'openai'
 
 const openai = new OpenAI()
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 // This example uses OpenAI's newer Responses API
 const res = await openai.responses.create({
@@ -265,7 +285,13 @@ import { ChatPromptTemplate } from '@langchain/core/prompts'
 import { ChatOpenAI } from '@langchain/openai'
 import { AgentExecutor, createToolCallingAgent } from 'langchain/agents'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const agent = createToolCallingAgent({
   llm: new ChatOpenAI({ model: 'gpt-4o-mini' }),
@@ -296,7 +322,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { openai } from '@llamaindex/openai'
 import { agent } from '@llamaindex/workflow'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const exampleAgent = agent({
   llm: openai({ model: 'gpt-4o-mini', temperature: 0 }),
@@ -320,7 +352,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { openai } from '@ai-sdk/openai'
 import { Agent } from '@mastra/core/agent'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const exampleAgent = new Agent({
   name: 'Example Agent',
@@ -345,7 +383,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { genkit } from 'genkit'
 import { gpt4oMini, openAI } from 'genkitx-openai'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const ai = genkit({
   plugins: [openAI()]
@@ -360,42 +404,18 @@ const result = await ai.generate({
 console.log(result)`.trim(),
         lang: 'ts'
       }
-
-    //     case 'xsai':
-    //       return {
-    //         code: `
-    // import { AgenticToolClient } from '@agentic/platform-tool-client'
-    // import { createXSAITools } from '@agentic/xsai'
-    // import { generateText } from 'xsai'
-
-    // const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
-
-    // const result = await generateText({
-    //   apiKey: process.env.OPENAI_API_KEY!,
-    //   baseURL: 'https://api.openai.com/v1/',
-    //   model: 'gpt-4o-mini',
-    //   tools: await createXSAITools(searchTool),
-    //   toolChoice: 'required',
-    //   messages: [
-    //     {
-    //       role: 'user',
-    //       content: '${prompt}'
-    //     }
-    //   ]
-    // })
-
-    // console.log(JSON.stringify(result, null, 2))`.trim(),
-    //         lang: 'ts'
-    //       }
   }
 }
 
 export function getCodeForPythonFrameworkConfig({
   config,
   identifier,
-  prompt
+  prompt,
+  apiKey
 }: GetCodeForDeveloperConfigInnerOpts): CodeSnippet {
-  const mcpUrl = `${gatewayBaseUrl}/${identifier}/mcp`
+  const mcpUrl = `${gatewayBaseUrl}/${identifier}/mcp${
+    apiKey ? `?apiKey=${apiKey}` : ''
+  }`
 
   switch (config.pyFrameworkTarget) {
     case 'openai':
@@ -479,7 +499,8 @@ export function getCodeForHTTPConfig({
   identifier,
   deployment,
   tool,
-  args
+  args,
+  apiKey
 }: GetCodeForDeveloperConfigInnerOpts): CodeSnippet {
   tool ??= deployment.tools[0]?.name
   assert(tool, 'tool is required')
@@ -493,7 +514,9 @@ export function getCodeForHTTPConfig({
 
       // TODO: better formatting for the curl command
       return {
-        code: `curl -X POST -H "Content-Type: application/json" -d '${formattedArgs}' ${url}`,
+        code: `curl -X POST -H "Content-Type: application/json"${
+          apiKey ? ` -H "Authorization: Bearer ${apiKey}"` : ''
+        } -d '${formattedArgs}' ${url}`,
         lang: 'bash'
       }
     }
@@ -504,7 +527,9 @@ export function getCodeForHTTPConfig({
         .join(' ')
 
       return {
-        code: `http ${url} ${formattedArgs}`,
+        code: `http ${url}${apiKey ? ` Authorization:"Bearer ${apiKey}"` : ''}${
+          formattedArgs ? ` ${formattedArgs}` : ''
+        }`,
         lang: 'bash'
       }
     }
diff --git a/packages/api-client/src/agentic-api-client.ts b/packages/api-client/src/agentic-api-client.ts
index 67e3cd9a..09a04cbc 100644
--- a/packages/api-client/src/agentic-api-client.ts
+++ b/packages/api-client/src/agentic-api-client.ts
@@ -695,13 +695,13 @@ export class AgenticApiClient {
       .json()
   }
 
-  /** Refreshes a consumer's API token. */
-  async refreshConsumerToken({
+  /** Refreshes a consumer's API key. */
+  async refreshConsumerApiKey({
     consumerId,
     ...searchParams
-  }: OperationParameters<'refreshConsumerToken'>): Promise<Consumer> {
+  }: OperationParameters<'refreshConsumerApiKey'>): Promise<Consumer> {
     return this.ky
-      .post(`v1/consumers/${consumerId}/refresh-token`, { searchParams })
+      .post(`v1/consumers/${consumerId}/refresh-api-key`, { searchParams })
       .json()
   }
 
@@ -849,22 +849,22 @@ export class AgenticApiClient {
   }
 
   /**
-   * Gets a consumer by API token. This method is admin-only.
+   * Gets a consumer by API key. This method is admin-only.
    *
    * @internal
    */
-  async adminGetConsumerByToken<
+  async adminGetConsumerByApiKey<
     TPopulate extends NonNullable<
-      OperationParameters<'adminGetConsumerByToken'>['populate']
+      OperationParameters<'adminGetConsumerByApiKey'>['populate']
     >[number]
   >({
-    token,
+    apiKey,
     ...searchParams
-  }: OperationParameters<'adminGetConsumerByToken'> & {
+  }: OperationParameters<'adminGetConsumerByApiKey'> & {
     populate?: TPopulate[]
   }): Promise<PopulateConsumer<TPopulate, AdminConsumer>> {
     return this.ky
-      .get(`v1/admin/consumers/tokens/${token}`, {
+      .get(`v1/admin/consumers/api-keys/${apiKey}`, {
         searchParams: sanitizeSearchParams(searchParams)
       })
       .json()
@@ -872,7 +872,7 @@ export class AgenticApiClient {
 
   /**
    * Activates a consumer signifying that at least one API call has been made
-   * using the consumer's API token. This method is idempotent and admin-only.
+   * using the consumer's API key. This method is idempotent and admin-only.
    *
    * @internal
    */
diff --git a/packages/types/src/openapi.d.ts b/packages/types/src/openapi.d.ts
index 0b2c36b3..c5d6d129 100644
--- a/packages/types/src/openapi.d.ts
+++ b/packages/types/src/openapi.d.ts
@@ -421,7 +421,7 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-    "/v1/consumers/{consumerId}/refresh-token": {
+    "/v1/consumers/{consumerId}/refresh-api-key": {
         parameters: {
             query?: never;
             header?: never;
@@ -430,8 +430,8 @@ export interface paths {
         };
         get?: never;
         put?: never;
-        /** @description Refreshes a consumer's API token. */
-        post: operations["refreshConsumerToken"];
+        /** @description Refreshes a consumer's API key. */
+        post: operations["refreshConsumerApiKey"];
         delete?: never;
         options?: never;
         head?: never;
@@ -525,15 +525,15 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-    "/v1/admin/consumers/tokens/{token}": {
+    "/v1/admin/consumers/api-keys/{apiKey}": {
         parameters: {
             query?: never;
             header?: never;
             path?: never;
             cookie?: never;
         };
-        /** @description Gets a consumer by API token. This route is admin-only. */
-        get: operations["adminGetConsumerByToken"];
+        /** @description Gets a consumer by API key. This route is admin-only. */
+        get: operations["adminGetConsumerByApiKey"];
         put?: never;
         post?: never;
         delete?: never;
@@ -2275,7 +2275,7 @@ export interface operations {
             410: components["responses"]["410"];
         };
     };
-    refreshConsumerToken: {
+    refreshConsumerApiKey: {
         parameters: {
             query?: never;
             header?: never;
@@ -2584,15 +2584,15 @@ export interface operations {
             404: components["responses"]["404"];
         };
     };
-    adminGetConsumerByToken: {
+    adminGetConsumerByApiKey: {
         parameters: {
             query?: {
                 populate?: ("user" | "project" | "deployment") | ("user" | "project" | "deployment")[];
             };
             header?: never;
             path: {
-                /** @description Consumer token */
-                token: string;
+                /** @description Consumer API key */
+                apiKey: string;
             };
             cookie?: never;
         };
diff --git a/todo.md b/todo.md
index 148e99d9..4daf24f4 100644
--- a/todo.md
+++ b/todo.md
@@ -38,7 +38,7 @@
   - add disclaimer about public beta
   - add search / sorting
   - add admin-based tags for main page layout (featured, etc)
-- replace render for api and/or add turbo for caching
+- replace render for api and/or add turbo for caching (too slow to deploy)
 
 ## TODO: Post-MVP
 
@@ -135,3 +135,5 @@
 - basic account page on website
   - edit name, profile photo, etc
 - **public project detail page metadata**
+- fix readme css <img height="..."> not taking effect because of tailwind css preflight which sets `img, video { height: auto }`
+  - we still want this for every other scenario; just want to sandbox the github-style readme markdown css...

From b33bf065b0477d0007d1653f1119b36e35dae84c Mon Sep 17 00:00:00 2001
From: Travis Fischer <fisch0920@gmail.com>
Date: Wed, 2 Jul 2025 15:12:31 -0500
Subject: [PATCH 2/3] =?UTF-8?q?=E2=9E=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 legacy/packages/arxiv/src/arxiv-client.ts   | 3 +--
 legacy/packages/reddit/src/reddit-client.ts | 2 +-
 todo.md                                     | 1 +
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/legacy/packages/arxiv/src/arxiv-client.ts b/legacy/packages/arxiv/src/arxiv-client.ts
index da829967..e6fded0e 100644
--- a/legacy/packages/arxiv/src/arxiv-client.ts
+++ b/legacy/packages/arxiv/src/arxiv-client.ts
@@ -122,10 +122,9 @@ export class ArXivClient extends AIFunctionsProvider {
     apiBaseUrl = arxiv.API_BASE_URL,
     ky = defaultKy
   }: {
-    apiKey?: string
     apiBaseUrl?: string
     ky?: KyInstance
-  }) {
+  } = {}) {
     super()
 
     this.apiBaseUrl = apiBaseUrl
diff --git a/legacy/packages/reddit/src/reddit-client.ts b/legacy/packages/reddit/src/reddit-client.ts
index 55497b22..02cd03c6 100644
--- a/legacy/packages/reddit/src/reddit-client.ts
+++ b/legacy/packages/reddit/src/reddit-client.ts
@@ -347,7 +347,7 @@ export class RedditClient extends AIFunctionsProvider {
    * @see https://old.reddit.com/dev/api/#GET_hot
    */
   @aiFunction({
-    name: 'reddit_get_subreddit_posts',
+    name: 'get_subreddit_posts',
     description: 'Fetches posts from a subreddit.',
     inputSchema: z.object({
       subreddit: z.string().describe('The subreddit to fetch posts from.'),
diff --git a/todo.md b/todo.md
index 4daf24f4..ac794559 100644
--- a/todo.md
+++ b/todo.md
@@ -39,6 +39,7 @@
   - add search / sorting
   - add admin-based tags for main page layout (featured, etc)
 - replace render for api and/or add turbo for caching (too slow to deploy)
+- public-project limit `description` to max 5 lines and show ellipsis
 
 ## TODO: Post-MVP
 

From 597ca3ead31eed08726bfec1e2522d57d37a5f4f Mon Sep 17 00:00:00 2001
From: Travis Fischer <fisch0920@gmail.com>
Date: Wed, 2 Jul 2025 15:32:25 -0500
Subject: [PATCH 3/3] =?UTF-8?q?=F0=9F=8F=AB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/web/src/components/public-project.tsx         | 14 ++++++++------
 .../packages/open-meteo/src/open-meteo-client.ts   |  3 ++-
 legacy/packages/tavily/src/tavily-client.ts        |  2 +-
 3 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/apps/web/src/components/public-project.tsx b/apps/web/src/components/public-project.tsx
index 17f1f3cb..4b53ffa8 100644
--- a/apps/web/src/components/public-project.tsx
+++ b/apps/web/src/components/public-project.tsx
@@ -10,12 +10,12 @@ export function PublicProject({ project }: { project: Project }) {
   return (
     <Link
       key={project.id}
-      className='p-2 border rounded-lg hover:border-gray-400
-      divide-y divide-gray-200 overflow-hidden bg-white shadow-sm max-w-md flex flex-col gap-2
+      className='p-3 border rounded-lg hover:border-gray-400
+      divide-y divide-gray-200 overflow-hidden bg-white shadow-sm max-w-md flex flex-col gap-3
       '
       href={`/marketplace/projects/${project.identifier}`}
     >
-      <div className='p-2 flex gap-2.5 items-center'>
+      <div className='pb-3 flex gap-2.5 items-center'>
         <img
           src={
             deployment.iconUrl ||
@@ -35,13 +35,15 @@ export function PublicProject({ project }: { project: Project }) {
         </div>
       </div>
 
-      <div className='flex-1 flex flex-col gap-2 justify-between'>
+      <div className='flex-1 flex flex-col gap-3 justify-between'>
         {deployment.description && (
-          <p className='text-sm text-gray-700'>{deployment.description}</p>
+          <p className='text-sm text-gray-700 line-clamp-4'>
+            {deployment.description}
+          </p>
         )}
 
         {project.lastPublishedDeployment && (
-          <div className='text-xs text-gray-500 flex items-center justify-between'>
+          <div className='text-xs text-gray-500 flex gap-3 items-center justify-between'>
             <div>{deployment.version}</div>
 
             <div>
diff --git a/legacy/packages/open-meteo/src/open-meteo-client.ts b/legacy/packages/open-meteo/src/open-meteo-client.ts
index 50a5912c..dfde41ca 100644
--- a/legacy/packages/open-meteo/src/open-meteo-client.ts
+++ b/legacy/packages/open-meteo/src/open-meteo-client.ts
@@ -55,7 +55,8 @@ export class OpenMeteoClient extends AIFunctionsProvider {
   }
 
   /**
-   * Gets the 7-day weather variables in hourly and daily resolution for given WGS84 latitude and longitude coordinates. Available worldwide.
+   * Gets the 7-day weather variables in hourly and daily resolution for given
+   * WGS84 latitude and longitude coordinates. Available worldwide.
    */
   @aiFunction({
     name: 'open_meteo_get_forecast',
diff --git a/legacy/packages/tavily/src/tavily-client.ts b/legacy/packages/tavily/src/tavily-client.ts
index caf6d951..f67eab48 100644
--- a/legacy/packages/tavily/src/tavily-client.ts
+++ b/legacy/packages/tavily/src/tavily-client.ts
@@ -146,7 +146,7 @@ export class TavilyClient extends AIFunctionsProvider {
    * Searches the web for pages relevant to the given query and summarizes the results.
    */
   @aiFunction({
-    name: 'tavily_web_search',
+    name: 'search',
     description:
       'Searches the web to find the most relevant pages for a given query and summarizes the results. Very useful for finding up-to-date news and information about any topic.',
     inputSchema: z.object({