# `ADK.Auth.Config`
[🔗](https://github.com/zeroasterisk/adk-elixir/blob/main/lib/adk/auth/config.ex#L1)

Declares authentication requirements for a tool.

Mirrors Python ADK's `AuthConfig` on tools — specifies what type of
credential a tool needs and how to obtain it.

## Credential Key

Each config carries a `credential_key` used to save/load credentials
from a credential service. You can set it explicitly, or let it be
auto-generated from the config fields via `credential_key/1`.

## Examples

    config = ADK.Auth.Config.new(
      credential_type: :oauth2,
      required: true,
      scopes: ["read", "write"],
      provider: "github"
    )

    # Auto-generated key
    ADK.Auth.Config.credential_key(config)
    #=> "adk_oauth2_a1b2c3d4..."

    # Explicit key
    config = ADK.Auth.Config.new(
      credential_type: :oauth2,
      credential_key: "my_custom_key"
    )
    ADK.Auth.Config.credential_key(config)
    #=> "my_custom_key"

# `t`

```elixir
@type t() :: %ADK.Auth.Config{
  credential_key: String.t() | nil,
  credential_name: String.t() | nil,
  credential_type: ADK.Auth.Credential.credential_type(),
  exchanged_credential: ADK.Auth.Credential.t() | nil,
  provider: String.t() | nil,
  raw_credential: ADK.Auth.Credential.t() | nil,
  required: boolean(),
  scopes: [String.t()]
}
```

# `credential_key`

```elixir
@spec credential_key(t()) :: String.t()
```

Returns the credential key for this config.

If an explicit `credential_key` was set, returns it as-is.
Otherwise, auto-generates a stable key from the config's
`credential_type`, `raw_credential`, `provider`, and `scopes`.

The generated key is deterministic — same inputs always produce
the same key, regardless of map ordering.

# `new`

```elixir
@spec new(keyword()) :: t()
```

Create a new auth config.

---

*Consult [api-reference.md](api-reference.md) for complete listing*