Verifiable Authorization for AI Agents
Cryptographic proof of what agents are authorized to do
What is AgentOAuth?
AgentOAuth is a neutral protocol for AI agents to prove who authorized what. It provides verifiable authorization tokens with clear scope, limits, and expiration, built on OAuth/JWT patterns for maximum interoperability.
Unlike traditional OAuth which only proves "access was granted," AgentOAuth creates a cryptographic audit trail proving both the agent's intent and the verifier's approval.
- Traditional OAuth. Problem: only proves access, not specific intent
- AgentOAuth. Benefit: proves both intent AND verification
The Two-Layer Signature System
Every AgentOAuth transaction has two independent, verifiable signatures:
Intent Layer
Agent's Signature
{"policy": {...}, "exp": ..., "jti": ...}
<agent-signature>
Proves: "This agent was authorized by the user to perform this specific action"
Verification Layer
Verifier's Signature
{"decision": "ALLOW", ...}
<verifier-signature>
Proves: "A trusted third party verified and approved this request"
Why This Matters
If either side cheats or gets hacked, it's detectable.
- Merchants can check the agent's token: "Was this really authorized?"
- Auditors can check the verifier's receipt: "Did a trusted verifier approve?"
- Rogue agents can't forge authorization (missing user delegation)
- Compromised verifiers can't approve without valid agent tokens
What is a Consent Token?
A Consent Token is a signed JWT containing the agent's authorization policy. It specifies exactly what the agent can do, with verifiable limits and constraints.
Example Token Structure
{
  "ver": "act.v0.2",
  "user": "did:user:alice",
  "agent": "did:agent:travel-assistant",
  "scope": "payments.send",
  "policy": {
    "version": "pol.v0.2",
    "id": "pol_abc123",
    "actions": ["payments.send"],
    "resources": [
      {"type": "merchant", "match": {"ids": ["airbnb", "expedia"]}}
    ],
    "limits": {
      "per_txn": {"amount": 500, "currency": "USD"},
      "per_period": {"amount": 1500, "currency": "USD", "period": "week"}
    },
    "constraints": {
      "time": {"start": "08:00", "end": "20:00", "tz": "UTC"}
    }
  },
  "policy_hash": "sha256:3fd9...",
  "exp": 1762140000,
  "jti": "act_unique_id"
}
Policy Features
- Actions: what operations are allowed (payments.send, data.read, etc.)
- Resources: which merchants or endpoints can be accessed
- Limits: per-transaction and per-period spending caps
- Constraints: time windows, day-of-week restrictions, timezone aware
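An added example (not the hosted verifier's code) of evaluating a request against the pol.v0.2 policy from the token above: action, merchant resource, per_txn and per_period limits, and the UTC time window, returning the policy_decision shape shown in the verify response. It works for any policy of this shape, not only the sample; the request fields, the reason text, the "empty resources means unrestricted" reading and the spent-so-far input are assumptions.

```javascript
// The policy from the example token on this page, used as sample input.
const POLICY = {
  version: 'pol.v0.2', id: 'pol_abc123', actions: ['payments.send'],
  resources: [{ type: 'merchant', match: { ids: ['airbnb', 'expedia'] } }],
  limits: { per_txn: { amount: 500, currency: 'USD' },
            per_period: { amount: 1500, currency: 'USD', period: 'week' } },
  constraints: { time: { start: '08:00', end: '20:00', tz: 'UTC' } },
};

const toMinutes = (hhmm) => { const [h, m] = hhmm.split(':').map(Number); return h * 60 + m; };

// Daily window check. Only tz "UTC" is handled here; any other zone fails closed (assumption).
function inTimeWindow(time, atIso) {
  if (!time) return true;
  if (time.tz !== 'UTC') return false;
  const d = new Date(atIso);
  const mins = d.getUTCHours() * 60 + d.getUTCMinutes(); // NaN on a bad timestamp, so the comparison denies
  return mins >= toMinutes(time.start) && mins <= toMinutes(time.end);
}

// Evaluate one request. `spentThisPeriod` is what the verifier has already counted against
// per_period (state it must keep); the result mirrors the policy_decision object of /verify.
function evaluate(policy, req, spentThisPeriod) {
  const deny = (reason) => ({ allowed: false, reason });
  if (!(req.amount > 0)) return deny('amount must be positive');
  if (!policy.actions.includes(req.action)) return deny('action not in policy');
  const merchants = (policy.resources || []).filter((r) => r.type === 'merchant'); // empty list: unrestricted (assumption)
  if (merchants.length && !merchants.some((r) => r.match.ids.includes(req.merchant))) return deny('merchant not allowed');
  const { per_txn, per_period } = policy.limits || {};
  if (per_txn && (req.currency !== per_txn.currency || req.amount > per_txn.amount)) return deny('per_txn limit exceeded');
  if (per_period && (req.currency !== per_period.currency || spentThisPeriod + req.amount > per_period.amount)) return deny('per_period limit exceeded');
  if (!inTimeWindow(policy.constraints && policy.constraints.time, req.at)) return deny('outside allowed time window');
  const remaining = per_period ? per_period.amount - spentThisPeriod - req.amount : null;
  return { allowed: true, remaining: { period: remaining, currency: req.currency } };
}
```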
Quick Start: Verify a Token
No signup required! Start verifying tokens immediately:
Verify with cURL
# No API key needed!
curl -X POST https://verifier.agentoauth.org/verify \
  -H "Content-Type: application/json" \
  -d '{
    "token": "eyJhbGciOiJFZERTQSI...",
    "audience": "merchant.example"
  }'
Response (Success)
{
  "valid": true,
  "payload": {
    "user": "did:user:alice",
    "agent": "did:agent:travel-ai",
    "scope": "payments.send",
    "policy": {...}
  },
  "policy_decision": {
    "allowed": true,
    "receipt_id": "receipt_abc123",
    "remaining": {
      "period": 1100,
      "currency": "USD"
    }
  }
}
Creating Tokens
To create AgentOAuth tokens with policies:
Using the SDK (Recommended)
import { issueConsent, buildPolicyV2 } from '@agentoauth/sdk';
import { generateKeyPair, exportJWK } from 'jose';
// 1. Create policy
const policy = buildPolicyV2()
.id('pol_travel_001')
.actions(['payments.send'])
.merchants(['airbnb', 'expedia'])
.limitPerTxn(500, 'USD')
.limitPerPeriod(1500, 'USD', 'week')
.timeConstraints({ start: '08:00', end: '20:00', tz: 'UTC' })
.finalize();
// 2. Generate signing keys
const { privateKey } = await generateKeyPair('EdDSA');
const privateJWK = await exportJWK(privateKey);
// 3. Issue token
const { token } = await issueConsent({
user: 'did:user:alice',
agent: 'did:agent:travel-ai',
scope: 'payments.send',
policy: policy,
privateKey: privateJWK,
keyId: 'key-001',
expiresIn: '7d'
});
console.log('Token created:', token);
Playground Demo Tokens
Want to test the full flow without setting up the SDK? The AgentOAuth Playground now supports demo token issuance for educational purposes!
How it Works
- Build a policy using the Policy Builder form
- Issue a demo token - server-signed with a dedicated demo issuer key
- Verify the token - test policy evaluation in real-time
- See the full flow - policy → token → verification → receipt
Demo tokens are signed with iss: https://demo.agentoauth.org and clearly marked for testing. They provide a safe way to learn the protocol without managing keys.
For production: Use the SDK to generate tokens with your own issuer identity and keys.
Demo Token API
You can also issue demo tokens programmatically:
# Issue a demo token (100/hour rate limit per IP)
curl -X POST https://verifier.agentoauth.org/playground/issue-demo-token \
  -H "Content-Type: application/json" \
  -d '{
    "policy": {
      "version": "pol.v0.2",
      "id": "pol_demo_001",
      "actions": ["payments.send"],
      "resources": [],
      "limits": {
        "per_txn": { "amount": 500, "currency": "USD" }
      }
    },
    "user_id": "demo-user",
    "agent_id": "demo-agent",
    "expires_in": 3600
  }'
Demo Issuer JWKS
Demo tokens are signed with a dedicated demo issuer key. Public key available at:
https://verifier.agentoauth.org/playground/.well-known/jwks.json
Demo Tokens
- Perfect for learning the protocol
- No key management needed
- Server-signed (secure)
- Verifiable by hosted verifier
- Educational use only
Production Tokens (SDK)
- Your own issuer identity
- Your own signing keys
- Full control and portability
- Production-ready
- Requires SDK setup
Free Tier Limits
The hosted verifier is free to use with generous limits:
No API key required! Rate limits are enforced by token issuer (iss claim) and IP address. Perfect for testing, prototypes, and low-volume production use.
Need higher limits? Contact us for custom API keys with increased quotas.
API Endpoints
- Verify AgentOAuth tokens with policy evaluation
- Test policy evaluation without state changes
- Retrieve signed verification receipt
- Public keys for receipt verification
- Service health and feature flags
Full API documentation: SPEC.md