What managed agents actually are
If you have built production agents on the standard Anthropic API messages endpoint, you know the tax: provision a Docker container, wire up a sandbox for code execution, manage tool runtimes, orchestrate the loop that feeds tool results back to the model, handle retries, stream partial output yourself. That is a meaningful ops burden before you have written a single line of domain logic.
Claude Managed Agents is a new execution layer that sits above the messages endpoint and absorbs that burden. Anthropic runs the agent loop in its own cloud environment. The built-in tools — web search, file I/O, sandboxed code execution, computer use — are already provisioned. You send a task, subscribe to an SSE stream, and receive execution events as the agent works. The analogy is imperfect but useful: think of it the way AWS Lambda removed the need to manage EC2 instances. You write the logic; the platform manages the runtime.
This is not the same thing as Claude Code, which is an agentic coding assistant that runs locally on your machine and operates on your filesystem. Managed Agents is a cloud execution environment accessed over an API. The two complement each other: use Claude Code to develop locally, use Managed Agents to deploy agent workloads in production.
The managed agents architecture is versioned separately from the messages API. The beta identifier managed-agents-2026-04-01 travels in a request header, so your existing messages-endpoint code is unaffected until you opt in.
The beta architecture at a glance
Three components matter for builders:
- Managed sandbox — each agent run executes in an isolated environment hosted by Anthropic. You do not provision or tear down containers. File system access, network access, and process execution are all scoped to the sandbox lifetime.
- Built-in tools — four tools are available without any configuration on your part: web search, file I/O (read/write within the sandbox), code execution (Python, with output captured), and computer use (for GUI-based tasks). You declare which subset you want enabled per request.
- Server-sent event streaming — rather than blocking on a single response object, you subscribe to an SSE stream and receive typed events as the agent works:
agent_start,tool_call,tool_result,agent_message, andagent_complete. This makes real-time progress UX trivial to build.
Authentication and your first request
The beta header
Access to Managed Agents during the public beta requires one additional HTTP header alongside your normal API key. There is no separate credential or waitlist — every API tier has access from day one.
anthropic-beta: managed-agents-2026-04-01Python — minimal managed-agent request
The example below creates an agent task, enables web search and code execution, and prints the final response. It uses the anthropic Python SDK; upgrade to the latest version before running.
import anthropic
client = anthropic.Anthropic() # reads ANTHROPIC_API_KEY from env
response = client.beta.managed_agents.create(
model="claude-opus-4-7-20261001", # or any supported model
max_tokens=4096,
tools=[
{"type": "web_search"},
{"type": "code_execution"},
],
messages=[
{
"role": "user",
"content": (
"Search for the latest EU AI Act enforcement timeline "
"and write a two-paragraph summary with cited sources."
),
}
],
betas=["managed-agents-2026-04-01"],
)
print(response.content[0].text)The SDK method path (client.beta.managed_agents) reflects Anthropic's convention for beta endpoints and may shift before general availability. Always pin your SDK version in requirements.txt during beta to avoid silent breaking changes.
TypeScript — the same request
For TypeScript teams using the @anthropic-ai/sdk package, the pattern is identical. Install the latest SDK and pass the beta header in the request options.
import Anthropic from "@anthropic-ai/sdk";
const client = new Anthropic(); // reads ANTHROPIC_API_KEY from env
const response = await client.beta.managedAgents.create({
model: "claude-opus-4-7-20261001",
max_tokens: 4096,
tools: [
{ type: "web_search" },
{ type: "code_execution" },
],
messages: [
{
role: "user",
content:
"Search for the latest EU AI Act enforcement timeline " +
"and write a two-paragraph summary with cited sources.",
},
],
betas: ["managed-agents-2026-04-01"],
});
console.log(response.content[0].text);Using the built-in tools
You declare the tools you need per request. The sandbox provisions them at runtime; you receive results as structured events in the SSE stream (or in the final response if you use the synchronous path).
| Tool type | What it does | Typical use case |
|---|---|---|
web_search |
Issues web queries and returns excerpts with source URLs | Research tasks, news retrieval, fact-checking |
file_io |
Reads and writes files within the sandbox filesystem | Document ingestion, report writing, data transformation |
code_execution |
Runs Python in a sandboxed interpreter; stdout/stderr captured | Data analysis, computation, PDF parsing, chart generation |
computer_use |
Operates a virtual desktop environment via screenshots and input events | GUI automation, browser tasks, legacy-app integration |
Only declare the tools your task genuinely requires. Each enabled tool increases the surface of the sandbox and has cost implications; keeping the set minimal is good practice throughout the beta.
Streaming execution events via SSE
The SSE path is where Managed Agents becomes genuinely different from the messages endpoint. Instead of waiting for a complete response, you subscribe to a stream and receive events in real time. This is what enables progress indicators, partial outputs, and tool-call visibility in your application UI.
Python — SSE stream consumer
import anthropic
client = anthropic.Anthropic()
with client.beta.managed_agents.stream(
model="claude-opus-4-7-20261001",
max_tokens=8192,
tools=[
{"type": "web_search"},
{"type": "file_io"},
{"type": "code_execution"},
],
messages=[
{
"role": "user",
"content": (
"Review the attached compliance document, extract all "
"obligations with deadlines, run a Python check for any "
"dates that fall within 90 days, and produce a report."
),
}
],
betas=["managed-agents-2026-04-01"],
) as stream:
for event in stream:
event_type = event.type
if event_type == "agent_start":
print(f"[start] agent_id={event.agent_id}")
elif event_type == "tool_call":
print(f"[tool] {event.tool_name} — input: {event.input!r:.80}")
elif event_type == "tool_result":
print(f"[result] {event.tool_name} — {len(str(event.output))} chars")
elif event_type == "agent_message":
# Partial text delta — render progressively in your UI
print(event.delta, end="", flush=True)
elif event_type == "agent_complete":
print(f"\n[done] usage={event.usage}")
breakThe agent_message delta events arrive as partial text chunks, similar to the text_delta events on the standard streaming messages endpoint. Buffer them and flush to your frontend via a WebSocket or your own SSE relay — this is the standard pattern for real-time agent UIs.
The ant CLI
Anthropic ships a purpose-built CLI alongside the Managed Agents API. This is separate from Claude Code — the ant CLI is designed for API interaction, not for operating on a local codebase. Think of it as a thin shell around the Managed Agents API that also handles YAML-based resource versioning.
Installation
# macOS (Homebrew)
brew install anthropics/tap/ant
# Verify installation
ant --version
# Authenticate with your API key
ant auth loginRun a task from the CLI
# Minimal managed-agent task — streams output to stdout
ant run --model claude-opus-4-7-20261001 \
--tools web_search,code_execution \
--message "Summarise the top 5 AI funding rounds this week"
# Load task configuration from a YAML manifest
ant run --file agent-task.yamlYAML-based API resource versioning
The ant CLI introduces YAML manifests for agent tasks, enabling reproducible deployments and version-controlled configurations. A manifest captures the model, tools, system prompt, and any files to be injected into the sandbox.
# agent-task.yaml
version: "managed-agents-2026-04-01"
model: claude-opus-4-7-20261001
max_tokens: 8192
tools:
- type: web_search
- type: file_io
- type: code_execution
system: |
You are a compliance analyst. Always cite sources.
Format all output as structured Markdown.
messages:
- role: user
content: "Review the documents in ./input/ and produce a risk report."
files:
input/:
- ./local-docs/contract-2026-q2.pdf
- ./local-docs/policy-amendments.docx
output:
path: ./reports/
format: markdownCommit agent-task.yaml to your repository. CI can call ant run --file agent-task.yaml to reproduce the exact same agent configuration on every run. This is the equivalent of a docker-compose.yml for agent workloads — declarative, diffable, reviewable.
Pin the version field in your YAML manifest to the specific beta identifier. When Anthropic releases a new API version, you choose when to upgrade by updating that field and testing against your task suite — you are not forced to absorb breaking changes automatically.
Building agents in production? Connect with other verified Builders.
AI Tech Connect is where Indian and UK AI engineers get found by teams hiring. Browse profiles or add your own.
Browse AI Builders →Worked example: a compliance document review agent
This example demonstrates what makes Managed Agents compelling in practice. The task: ingest a set of compliance documents, extract all obligations that carry deadlines, run a Python check to flag anything falling within the next 90 days, and produce a structured Markdown report. Previously, this required a custom orchestration loop, a Docker image with a PDF parser, and your own code-execution sandbox. With Managed Agents, the entire workflow runs in Anthropic's cloud.
import anthropic
import base64
import pathlib
client = anthropic.Anthropic()
def encode_file(path: str) -> str:
"""Base64-encode a local file for upload to the agent sandbox."""
return base64.standard_b64encode(pathlib.Path(path).read_bytes()).decode()
# Attach documents to the agent task via file_io tool context
documents = [
{
"type": "file",
"name": "contract-2026-q2.pdf",
"data": encode_file("./docs/contract-2026-q2.pdf"),
"media_type": "application/pdf",
},
{
"type": "file",
"name": "policy-amendments.docx",
"data": encode_file("./docs/policy-amendments.docx"),
"media_type": "application/vnd.openxmlformats-officedocument"
".wordprocessingml.document",
},
]
task_prompt = """
You have two documents available in the sandbox:
- contract-2026-q2.pdf
- policy-amendments.docx
Complete the following steps in order:
1. Use file_io to read both documents.
2. Extract every obligation that carries an explicit deadline or time limit.
3. Use code_execution to run Python that:
a. Parses each deadline date.
b. Computes how many days remain from today (2026-05-04).
c. Flags any obligation due within 90 days as HIGH PRIORITY.
4. Produce a Markdown report with two sections:
- HIGH PRIORITY obligations (due ≤ 90 days)
- STANDARD obligations (due > 90 days)
Include the source document and page reference for each item.
"""
print("Starting compliance review agent...")
full_report = []
with client.beta.managed_agents.stream(
model="claude-opus-4-7-20261001",
max_tokens=8192,
tools=[
{"type": "file_io"},
{"type": "code_execution"},
],
messages=[
{
"role": "user",
"content": [
{"type": "text", "text": task_prompt},
*documents,
],
}
],
betas=["managed-agents-2026-04-01"],
) as stream:
for event in stream:
if event.type == "tool_call":
print(f" [tool] {event.tool_name}")
elif event.type == "tool_result" and event.tool_name == "code_execution":
if event.output.get("stdout"):
print(f" [code output]\n{event.output['stdout']}")
elif event.type == "agent_message":
full_report.append(event.delta)
elif event.type == "agent_complete":
print(f"\n [complete] tokens used: {event.usage}")
report_text = "".join(full_report)
pathlib.Path("./reports/compliance-review.md").write_text(report_text)
print("\nReport saved to ./reports/compliance-review.md")The agent handles PDF and DOCX parsing, writes Python to compute date deltas, runs that code in the sandbox, and assembles the final report — all without you provisioning a single container. For a compliance team at an Indian SaaS company or a UK financial-services firm, the ops burden drops from "we need a DevOps sprint" to "we need a Python file".
Cost and rate limits during the beta
Anthropic has not published a separate pricing sheet for Managed Agents as of the beta launch on 8 April 2026. Usage is billed against your existing API tier based on the underlying model token consumption. Tool use and sandbox runtime may attract additional charges once the product reaches general availability — treat current beta pricing as provisional and monitor the Anthropic pricing page before committing Managed Agents to a cost-sensitive production path.
Rate limits during the beta follow your existing API tier limits. There is no separate quota for Managed Agents requests, but long-running agent tasks that issue many tool calls can consume token budget quickly. Recommended practices:
- Set explicit
max_tokensand, where the SDK supports it, per-tool call limits. - Build a
agent_completeevent handler that logsevent.usageon every run so you can track consumption from day one. - Avoid enabling
computer_useunless your task genuinely requires GUI interaction — it is the most resource-intensive built-in tool.
Beta pricing typically changes at GA. Anthropic has a history of adjusting API costs as products mature and infrastructure costs become clearer. Pin a budget alert in your cloud billing console now rather than assuming beta rates are permanent.
Guidance for Indian and UK teams
Indian SaaS teams — low-latency routing
At beta launch, Anthropic serves Managed Agents from its standard API infrastructure. For Indian teams, particularly those in Bengaluru, Hyderabad, and the NCR, the most reliable latency optimisation available today is the same as for the standard API: route through a Mumbai-region cloud gateway (AWS ap-south-1 or GCP asia-south1) that forwards to the Anthropic endpoint, rather than calling the endpoint directly from application servers. This shaves 40–80ms off typical round-trip times on interactive requests.
For batch and offline agent workloads — document review, overnight data pipelines, asynchronous research tasks — latency is largely irrelevant, and Indian teams can use Managed Agents without any routing adjustments. The SSE stream model is also well-suited to high-latency connections: events arrive as they are generated rather than requiring a low-latency persistent connection to a final response.
"Our compliance pipeline previously ran on a Kubernetes job with a custom Python executor, a Redis queue, and three microservices stitching together the Claude API, a PDF parser, and a code runner. We replaced it with a single Managed Agents task and a forty-line Python script. The ops burden went to zero. For a ten-person product team in Bengaluru, that is a meaningful difference."
— Verified Builder · Bengaluru, IndiaUK teams — GDPR and data residency
UK organisations processing personal data under UK GDPR face an additional consideration. At public beta launch, Anthropic has not published a formal data-residency region selector for Managed Agent sandboxes, and the data processing addendum (DPA) that governs the standard API applies by default.
Practical guidance for UK teams before a compliant regional endpoint is available:
- Do not pass content containing personal data (names, identifiers, health records, financial records) into Managed Agent tasks until you have confirmed the sandbox region and reviewed the applicable DPA.
- Use the beta for tasks that operate on anonymised or synthetic data, internal process documents, and public-domain content.
- Monitor the Anthropic trust and safety documentation for the announcement of EU/UK regional endpoints — this is the natural next step after the beta stabilises.
- If your organisation already has an enterprise agreement with Anthropic that includes a UK or EU DPA addendum, engage your account manager to understand the current data-residency commitments for Managed Agents specifically.
For UK AI-native startups and financial-services teams, the compliance posture is "use carefully in beta, plan for production once regional endpoints land" — the same pragmatic stance most took with the standard API in 2024.
What this changes for builders
The trajectory is clear. Just as the serverless movement did not eliminate the need to write backend code but did eliminate the need to manage servers, Managed Agents does not eliminate the need to design agent logic but does eliminate the need to manage agent infrastructure. For teams at verified AI Builders across India and the UK, that is a meaningful shift in where engineering effort goes.
The beta is open today. If you are building on the Anthropic API, the activation cost is a single HTTP header and fifteen minutes with the Python examples above. The Claude Opus 4.7 model that powers Managed Agents is the same model you may already be using for long-context tasks — it brings its 1M-token context window into the managed execution environment, which opens up document-heavy agent workloads that would previously have required complex chunking strategies.
The ant CLI and YAML manifests are worth adopting even if you do not yet use them in CI. Treating agent task definitions as versioned artefacts — diffable, reviewable, deployable — is a practice that will compound in value as agent workloads grow more complex. Start the habit now, in beta, when the stakes are low.