Product / Identity

Agent Identity & Permissions

Cryptographic identity, scoped tokens, and fine-grained RBAC for every agent in your fleet.

identity.ts

// Register agent with scoped permissions

const agent = await agentpay.agents.create({

name: "procurement-bot",
role: "transactor",
permissions: ["payments:create"],
max_spend: 5000

});

Security

Zero-Trust Agent Identity

Every agent has its own cryptographic identity with precisely scoped permissions.

Each agent receives a unique RS256 signed token. Tokens are time-bound, rotatable, and instantly revocable.

Define exactly what each agent can do — create payments, read balances, manage webhooks, or custom operations.

Pre-built roles like transactor, viewer, admin, and auditor. Or create custom roles for your specific fleet architecture.

Permissions are enforced at the API level. No client-side security. Every request is authenticated and authorized.

Every permission grant, token rotation, and access decision is logged for full compliance and investigation.

Define identities and permissions at the scale of autonomous code.