DOCUMENTATION

Introduction

SpendGuard is the economic permissions control plane for AI agents. Public beta is sandbox-first: build with agents, mandates, short-lived execution tokens, and SpendGuard action routes before any controlled production preview is approved.

What is SpendGuard?

In an agentic economy, AI systems need to spend budget on payments, model tokens, tools, and delegated child-agent work. Giving an agent raw long-lived credentials is the wrong default for a public beta system.

SpendGuard keeps setup credentials in trusted backend code, mints short-lived execution tokens for agent runs, and evaluates every economic action through estimate, authorize, reserve, capture, release, audit, and dashboard evidence paths.

For Developers

Start with sandbox quickstarts, SDK helpers, and the tool-spend lifecycle examples.

View Quickstart

For Security Teams

Review execution-token, mandate, replay, audit, and production-preview gate boundaries.

Security Model

For Agent Platforms

Use OpenAPI action routes or the thin MCP wrapper for estimate, authorize, reserve, capture, release, and lease tools.

Integration Paths

Core Principles

Sandbox-first public beta

Public users learn with sandbox funding, sandbox payments, and dashboard evidence before live production rails are approved.

Execution-token-first agent spend

Agent tools use short-lived scoped execution tokens, not raw long-lived API keys.

SpendGuard action lifecycle

Payment, token, tool, and delegated spend move through estimate, authorize, reserve, capture, release, denial, and audit states.

Production preview is gated

Live money movement requires hosted health, hosted activation, provider, webhook, reconciliation, support, rollback, and tenant go/no-go evidence.

Public Beta Reference Map

Sandbox tutorial API reference SDKs MCP and integrations OpenAPI action schema: spendguard-actions.openapi.yaml Security model Claims evidence matrix: spendguard_claims_evidence_matrix_current.md