Managing Agents

Create, configure, and monitor your AI agents.

Personal vs Organization Agents

TeeckIn supports two types of agents, depending on your workflow:

Personal Agents

-Tied to your user account, no organization required
-Works with your personal topics, categories, and timer
-Requires Pro subscription
-Ideal for freelancers tracking their own time

Organization Agents

-Scoped to a specific organization
-Works with organization topics, categories, and timers
-Requires Team plan (org owner must have Team subscription)
-Ideal for teams tracking time together

One Agent, Multiple Projects

A single agent can be shared across multiple projects if they use the same context. For example, one personal agent can track time across all your personal projects.

Accessing Agent Settings

Where you manage agents depends on the type:

-Personal Agents: Settings > Agents (in personal context)
-Organization Agents: Organization Settings > Agents

Permissions

For organization agents, regular members can only see their own agents. Admins and owners can see and manage all agents in the organization.

Creating an Agent

You can create agents either manually in TeeckIn, or automatically during the OAuth flow (for tools like Claude Code that support browser-based authentication).

Manual Creation (UI)

1Click Add Agent
2Select the agent type (Claude Code, Cursor, etc.)
3Give it a descriptive name (e.g., "Jordan's MacBook Claude")
4Optionally add a description
5Click Create

Automatic Creation (Browser OAuth)

When using Claude Code or other tools that support browser-based OAuth, you can create a new agent directly in the authorization flow - no need to visit TeeckIn settings first.

The authorization screen shows all your available agents, grouped by context:

-Personal: Your personal agents + option to create new
-Organizations: Each org you belong to with its agents + option to create new

This allows you to choose where time should be tracked - under your personal account or under a specific organization - directly during the OAuth flow.

Claude Code Users

You typically don't need to create agents manually. When you first connect Claude Code, your browser opens and you can create an agent right there. No secrets to copy!

Managing Secrets (Client Credentials)

When are secrets needed?

Secrets are only required for AI tools that don't support browser-based OAuth (like Cursor, Copilot, Windsurf, or custom integrations).

Claude Code does NOT need secrets - it uses browser-based OAuth with PKCE, which is more secure and easier to manage.

For tools that need Client Credentials authentication, each agent can have up to . Multiple secrets are useful for:

-Zero-downtime secret rotation
-Different machines (work laptop, home desktop)
-CI/CD environments with separate secrets

Save Your Credentials

When you create an agent manually or add a new secret, the Client Secret is only shown - copy it immediately! You can always see the Client ID later, but not the secret.

Creating Additional Secrets

Click on the agent card to expand it
Go to the Secrets tab
Click New Secret
Optionally add a label (e.g., "Production Server")
Copy the new secret immediately - it won't be shown again

Deleting Secrets

To delete a secret, find it in the Secrets tab and click Delete. The secret stops working immediately. You must have at least one secret remaining.

Secret Rotation Pattern

For zero-downtime rotation: (1) Create new secret in TeeckIn UI, (2) Run to update your local config, (3) Verify everything works, (4) Delete the old secret in the UI.

Editing Agents

Click the edit button on an agent card to change its name or description. The agent type cannot be changed after creation.

Deleting Agents

When you delete an agent:

-All secrets are immediately invalidated
+Time entries are preserved with full attribution
-Agent is marked as inactive and hidden from lists
+Inactive agents don't count toward plan limits

Time entries will show the agent's name with an "(Inactive)" badge in historical views.

Reactivating Agents

Deleted agents can be reactivated from the agent settings. Reactivation preserves the agent's identity and historical attribution. You'll need to create a new secret after reactivation.

Monitoring Usage

Each agent card shows:

-Last active: When the agent last made an API call
-Secret count: How many active secrets exist

Each secret shows when it was last used, helping you identify and clean up unused credentials.

Activity Log

Expand an agent card and click the Activity Log tab to see a detailed history of the agent's actions. This includes:

-Timer start/stop events
-Time entry updates
-Authentication attempts
-IP addresses (for security monitoring)

Audit Compliance

The activity log helps meet audit requirements by documenting all AI-assisted work.

Organization Agent Settings

Owners and admins can configure organization-wide agent settings from the Agents settings page:

-Topic Selection Guidance: Help agents understand how to select the right topic based on the work they're doing
-Default Agent Hourly Rate: Set a default rate for agent hours when included on invoices
-Include Agent Hours on Invoices: Control whether agent hours are included by default when creating invoices

Agent Hours on Invoices

By default, agent hours are not included on invoices. When creating an invoice, you can choose to:

-Exclude agent hours entirely (default)
-Include at organization's default agent rate
-Include at a custom rate for this invoice

Agent Hours Badge

When creating invoices, agent time entries are marked with an "Agent" badge so you can easily identify them.

Agent Attribution

Every time entry created by an agent is automatically tagged with the agent's identity. This attribution helps you:

-Track AI-assisted work: Know exactly which entries were created by agents vs. humans
-Audit compliance: Maintain clear records of AI involvement in your work
-Billing decisions: Easily identify agent hours when preparing invoices

The agent's name appears on time entries in the calendar, timer history, and billing screens. Even if an agent is later deleted, the attribution is preserved showing "Deleted Agent" for historical records.

Full Control

You retain full control over agent-created entries. You can edit, delete, or modify any time entry regardless of whether it was created by you or an agent.

Agents in Data Export/Import

When you export your data, agents are included for historical accuracy:

-Agent metadata: Name, type, and configuration are exported
-Time entry attribution: Which agent created each entry is preserved
-Secrets: Not exported (security)

When Importing

Agents are imported as inactive since secrets cannot be transferred. This ensures:

+Historical attribution is preserved accurately
+Audit trails remain intact
-Imported agents cannot authenticate until reactivated

After Import

To use an imported agent, reactivate it from agent settings and create a new secret. Alternatively, create a fresh agent if you prefer starting clean.

Filtering Agent Hours in Calendar

The calendar view includes filtering options to separate human and agent work:

-All: Show all time entries from both humans and agents
-Humans: Show only human team member entries
-Agents: Show only AI agent entries

Access these filters by clicking the filter icon in the calendar toolbar. You can also combine these with member and group filters.

Security Best Practices

✓

Never commit secrets to git

Use environment variables or .env files (add to .gitignore)

✓

Use descriptive secret labels

'Production Server' or 'Jordan MacBook' is better than no label

✓

Rotate secrets periodically

Create a new secret, update your systems, then delete the old one

✓

Delete unused secrets

Check 'Last used' dates and clean up old secrets

✓

One secret per environment

Makes it easy to rotate if one environment is compromised

✓

Use OAuth discovery

The @teeckin/agent CLI uses OAuth 2.0 with automatic token refresh