v0.7.0 — Soul Layer

Passport for
AI Agents

Simple, secure authentication for AI agents. Built for developers who value
simplicity, security, and performance. Open source and ready to scale.

Get Started View on GitHub

Tests Passing

100%

Open Source

<5ms

Auth Latency

terminal

# Install AgentAuth
npm install agentauth

# Register an agent
curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/agents/register \
  -H "Content-Type: application/json" \
  -d '{"name":"MyAgent","owner_email":"you@example.com"}'

✓ Agent registered successfully
→ Agent ID: ag_abc123
→ API Key: ag_sk_xyz789

Built for Simplicity

Everything you need for agent authentication, nothing you don't

JWT Authentication

Industry-standard tokens with refresh support. Secure, stateless, and scalable out of the box.

Rate Limiting

Per-agent rate limits with tiered access. Free, Pro, and Enterprise tiers built-in.

Webhooks

Real-time notifications for agent events. Secure signature verification included.

Scoped Permissions

Fine-grained access control. Define exactly what each agent can do.

High Performance

Zero memory leaks, optimized queries, sub-5ms auth checks. Built for production.

Activity Logging

Complete audit trail with pagination. Track every authentication event.

Interactive API Docs

Swagger UI built-in. Test endpoints in your browser with full OpenAPI 3.1 spec.

Live Monitoring

Real-time status page with 99.9% uptime SLA. Public incident transparency.

Enterprise Ready

Legal compliance (TOS, Privacy), SLA, security policy. Zero blockers for adoption.

NEW in v0.7.0

Persona System

Define your agent's "digital soul" with personality traits, guardrails, and constraints. HMAC-signed integrity verification and version history.

NEW in v0.7.0

ZKP Verification

Zero-knowledge proof authentication. Agents prove identity without revealing credentials. Groth16 proofs and hash-based commitment modes.

NEW in v0.7.0

Anti-Drift Vault

Real-time behavioral drift detection with weighted scoring, spike anomaly detection, and automatic revocation when agents go off-baseline.

Get Started in Minutes

Three steps to secure your AI agents

Install & Setup

npm install agentauth

// Initialize client
const AgentAuth = require('agentauth');
const auth = new AgentAuth({
  apiUrl: 'https://agent-identity-production-dc4e.up.railway.app',
  apiKey: process.env.AGENTAUTH_KEY
});

const agent = await auth.register({
  name: 'MyAgent',
  permissions: ['read', 'write']
});

console.log('Agent ID:', agent.id);
console.log('API Key:', agent.apiKey);

Authenticate

const token = await auth.verify({
  agentId: agent.id,
  apiKey: agent.apiKey
});

// Use token in requests
const response = await fetch('/api/data', {
  headers: { 'Authorization': `Bearer ${token.accessToken}` }
});

Install & Setup

pip install agentauth

# Initialize client
from agentauth import AgentAuth

auth = AgentAuth(
    api_url='https://api.agentauth.dev',
    api_key=os.getenv('AGENTAUTH_KEY')
)

agent = auth.register(
    name='MyAgent',
    permissions=['read', 'write']
)

print(f'Agent ID: {agent["id"]}')
print(f'API Key: {agent["apiKey"]}')

Authenticate

token = auth.verify(
    agent_id=agent['id'],
    api_key=agent['apiKey']
)

# Use token in requests
response = requests.get('/api/data',
    headers={'Authorization': f'Bearer {token["accessToken"]}'}
)

curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/agents/register \
  -H "Content-Type: application/json" \
  -d '{
    "name": "MyAgent",
    "owner_email": "you@example.com",
    "permissions": ["read", "write"]
  }'

Verify Agent

curl -X POST https://api.agentauth.dev/agents/verify \
  -H "Content-Type: application/json" \
  -d '{
    "agentId": "agent_abc123",
    "apiKey": "ak_xxxxxxxxxxxx"
  }'

Use Token

curl https://api.agentauth.dev/agents/YOUR_AGENT_ID \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1..."

Try v0.7.0 in the Sandbox

Interactive curl examples for Persona, ZKP, and Anti-Drift

curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/agents/YOUR_AGENT_ID/persona \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -d '{
    "version": "1.0.0",
    "personality": {
      "traits": { "helpfulness": 0.9, "formality": 0.7 }
    },
    "guardrails": {
      "toxicity_threshold": 0.3,
      "hallucination_tolerance": "strict"
    },
    "constraints": {
      "forbidden_topics": ["politics", "religion"],
      "max_response_length": 2000
    }
  }'

Verify Persona Integrity

curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/agents/YOUR_AGENT_ID/persona/verify \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Authorization: Bearer YOUR_TOKEN"

# Response: { "valid": true, "persona_hash": "abc123...", "reason": "HMAC match" }

curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/zkp/register-commitment \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "YOUR_AGENT_ID",
    "api_key": "YOUR_API_KEY",
    "expires_in": 3600
  }'

# Response: { "commitment": "abc123...", "salt": "xyz789..." }
# SAVE THE SALT — it is only shown once!

Verify Anonymously (Hash Mode)

curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/zkp/verify-anonymous \
  -H "Content-Type: application/json" \
  -d '{
    "commitment": "YOUR_COMMITMENT_HASH",
    "mode": "hash",
    "preimage_hash": "SHA256_OF_AGENT_ID_SALT"
  }'

# Response: { "valid": true, "permissions": ["read","write"], "tier": "pro" }

Submit Health Ping

curl -X POST https://agent-identity-production-dc4e.up.railway.app/v1/drift/YOUR_AGENT_ID/health-ping \
  -H "Content-Type: application/json" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -d '{
    "metrics": {
      "toxicity_score": 0.12,
      "response_adherence": 0.95,
      "hallucination_rate": 0.03
    },
    "request_count": 150
  }'

# Response: { "drift_score": 0.08, "status": "ok" }

Get Drift Score

curl https://agent-identity-production-dc4e.up.railway.app/v1/drift/YOUR_AGENT_ID/drift-score

# Response includes score, thresholds, trend, and spike warnings

Try AgentAuth in Your Browser

Interactive playgrounds - no installation required

TypeScript / Node.js

Open in StackBlitz →

Try the TypeScript SDK with full auto-complete and type safety. Perfect for Express, Next.js, and Node.js apps.

✨ Auto-complete 🔒 Type-safe ⚡ Live demo

import { AgentAuthClient, Permissions } from '@umytbaynazarow/agentauth-sdk';

const client = new AgentAuthClient({
  baseURL: 'https://agent-identity-production-dc4e.up.railway.app'
});

const { agent, credentials } = await client.registerAgent({
  name: 'Demo Agent',
  permissions: [
    Permissions.Zendesk.Tickets.Read,  // Auto-complete!
    Permissions.Slack.Messages.Write,
  ]
});

Python / FastAPI

Open in Google Colab →

Try the Python SDK in Google Colab with zero setup. Includes async/await, context managers, and full type hints.

🐍 Async/await 📓 Jupyter Notebook ⚡ No setup required

from agentauth_sdk import AgentAuthClient, Permissions

async with AgentAuthClient(base_url='https://agent-identity-production-dc4e.up.railway.app') as client:
    result = await client.register_agent(
        name='Demo Agent',
        permissions=[
            Permissions.Zendesk.Tickets.Read,
            Permissions.Slack.Messages.Write,
        ]
    )

📘 TypeScript SDK 📗 Python SDK 📙 CLI Guide 📚 Full API Docs

v0.7.0 New Endpoints

Persona

POST /v1/agents/:id/persona GET /v1/agents/:id/persona PUT /v1/agents/:id/persona POST /v1/agents/:id/persona/verify GET /v1/agents/:id/persona/history GET /v1/agents/:id/persona/export POST /v1/agents/:id/persona/import

ZKP

POST /v1/zkp/register-commitment POST /v1/zkp/verify-anonymous

Anti-Drift

POST /v1/drift/:id/health-ping GET /v1/drift/:id/drift-score GET /v1/drift/:id/drift-history PUT /v1/drift/:id/drift-config GET /v1/drift/:id/drift-config

Passport for
AI Agents

Built for Simplicity

JWT Authentication

Rate Limiting

Webhooks

Scoped Permissions

High Performance

Activity Logging

Interactive API Docs

Live Monitoring

Enterprise Ready

Persona System

ZKP Verification

Anti-Drift Vault

Get Started in Minutes

Try it Live

Register Agent

Verify & Get Token

Fetch Agent Details

Authentication Complete!

Try v0.7.0 in the Sandbox

Try AgentAuth in Your Browser

TypeScript / Node.js

Python / FastAPI

v0.7.0 New Endpoints

Persona

ZKP

Anti-Drift

What's New in v0.7.0

Persona ("Digital Soul")

ZKP Anonymous Auth

Anti-Drift Vault

Ready to Secure Your Agents?

Passport for AI Agents

Built for Simplicity

JWT Authentication

Rate Limiting

Webhooks

Scoped Permissions

High Performance

Activity Logging

Interactive API Docs

Live Monitoring

Enterprise Ready

Persona System

ZKP Verification

Anti-Drift Vault

Get Started in Minutes

Try it Live

Register Agent

Verify & Get Token

Fetch Agent Details

Authentication Complete!

Try v0.7.0 in the Sandbox

Try AgentAuth in Your Browser

TypeScript / Node.js

Python / FastAPI

v0.7.0 New Endpoints

Persona

ZKP

Anti-Drift

What's New in v0.7.0

Persona ("Digital Soul")

ZKP Anonymous Auth

Anti-Drift Vault

Ready to Secure Your Agents?

Passport for
AI Agents