Skip to main content

Documentation Index

Fetch the complete documentation index at: https://allhandsai-codex-agent-server-user-docs.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Run a local Agent Server when you want a backend process to host OpenHands conversations over HTTP and WebSocket. This is the simplest setup for testing Agent Canvas-style backends, local integrations, and client-server SDK applications.

Install

Create a Python environment and install the same release of the server package and SDK packages it uses: 
python -m venv .venv
source .venv/bin/activate
export OPENHANDS_VERSION="1.24.0"
pip install -U \
  "openhands-sdk==$OPENHANDS_VERSION" \
  "openhands-tools==$OPENHANDS_VERSION" \
  "openhands-workspace==$OPENHANDS_VERSION" \
  "openhands-agent-server==$OPENHANDS_VERSION"

Start Without Authentication

For local development on your own machine, start the server on loopback: 
python -m openhands.agent_server --host 127.0.0.1 --port 8000
Verify that it is running: 
curl http://127.0.0.1:8000/health
Open the API docs at http://127.0.0.1:8000/docs. If SESSION_API_KEY or OH_SESSION_API_KEYS_* is already set in your shell, the server will require that key for /api/* requests. Unset those variables for unauthenticated local-only testing.
This unauthenticated mode is only appropriate for local development. Do not bind an unauthenticated server to a public or shared network interface.

Start With an API Key

Set a session API key before starting the server: 
export OH_SESSION_API_KEYS_0="$(openssl rand -hex 32)"
export OH_SECRET_KEY="$(openssl rand -hex 32)"

python -m openhands.agent_server --host 127.0.0.1 --port 8000
Requests to /api/* must include the session key. This request returns the conversation count when the key is accepted: 
curl \
  -H "X-Session-API-Key: $OH_SESSION_API_KEYS_0" \
  http://127.0.0.1:8000/api/conversations/count
Use OH_SECRET_KEY whenever you want conversations and stored settings to survive restarts with their sensitive values intact. Keep this value stable and store it in your normal secret manager.

Connect From the SDK

Use Workspace(host=..., api_key=...) to connect SDK code to the server: 
import os

from pydantic import SecretStr

from openhands.sdk import Conversation, LLM, Workspace
from openhands.tools.preset.default import get_default_agent


llm = LLM(
    model=os.environ.get("LLM_MODEL", "anthropic/claude-sonnet-4-5-20250929"),
    api_key=SecretStr(os.environ["LLM_API_KEY"]),
)
agent = get_default_agent(llm=llm, cli_mode=True)

workspace = Workspace(
    host="http://127.0.0.1:8000",
    api_key=os.environ.get("OH_SESSION_API_KEYS_0"),
    working_dir="workspace/project",
)

conversation = Conversation(agent=agent, workspace=workspace)
conversation.send_message("Create a NOTES.md file with three facts about this project.")
conversation.run()
conversation.close()
If the server was started without OH_SESSION_API_KEYS_0, omit api_key.

Connect From Another Service

For a backend service, configure two values:
  • The Agent Server URL, for example http://127.0.0.1:8000.
  • The session API key, passed as X-Session-API-Key on API requests or as api_key when using the SDK Workspace.
Keep the Agent Server bound to 127.0.0.1 when the backend runs on the same machine. If the backend runs on another host, use a private network or reverse proxy, enable TLS, and restrict network access to trusted callers.

Configure CORS

Most backends call the Agent Server from server-side code and do not need CORS. If browser code calls the Agent Server directly, allow that origin: 
export OH_ALLOW_CORS_ORIGINS_0="https://your-frontend.example.com"
Localhost and 127.0.0.1 origins are allowed automatically.

Run From the SDK Repository

When developing OpenHands/software-agent-sdk itself: 
git clone https://github.com/OpenHands/software-agent-sdk.git
cd software-agent-sdk
uv sync
uv run python -m openhands.agent_server --host 127.0.0.1 --port 8000

Ready-to-Run Example

This example is available on GitHub: examples/02_remote_agent_server/01_convo_with_local_agent_server.py.
The example starts a local Agent Server subprocess, waits for it to become healthy, connects with Workspace(host=...), and runs a RemoteConversation. You can run the example code as-is.
The model name should follow the LiteLLM convention: provider/model_name (e.g., anthropic/claude-sonnet-4-5-20250929, openai/gpt-4o). The LLM_API_KEY should be the API key for your chosen provider.
ChatGPT Plus/Pro subscribers: You can use LLM.subscription_login() to authenticate with your ChatGPT account and access Codex models without consuming API credits. See the LLM Subscriptions guide for details.

Troubleshooting

  • 401 Unauthorized: Check that the client sends X-Session-API-Key and that it matches OH_SESSION_API_KEYS_0.
  • Secrets are missing after restart: Set a stable OH_SECRET_KEY before starting the server.
  • The server is reachable locally but not from another machine: Use --host 0.0.0.0 only behind trusted network controls, then check firewall and proxy rules.
  • CORS errors in a browser: Set OH_ALLOW_CORS_ORIGINS_0 to the browser app origin.
  • Port conflict: Start with another port, for example --port 8001.

Next Steps