A verified identity standard for AI agents.
AI agents are showing up at websites, booking flights, paying bills, buying groceries — with no proof of who sent them, what they're allowed to do, or whether to trust them. This is the fix.
Your agent shows up at Delta.com
Delta scans the passport
Boom. Trusted. Transaction approved.
What is an AI Agent Passport?
An AI Agent Passport is a signed, verifiable JSON document that travels with an AI agent. It tells any platform:
- Who owns this agent (cryptographically verified)
- What it's allowed to do (scoped permissions)
- How much it can spend (enforced limits)
- Whether to trust it (registry-verified status)
Same way airports verify humans via passports — platforms verify agents via this standard.
Quick Start
Issue a passport (Python)
from agent_passport import PassportIssuer issuer = PassportIssuer(private_key="your-ed25519-private-key") passport = issuer.issue( agent_name="TravelBot Pro", owner_did="did:web:jay-volpenhein.agent", spend_limit={"per_month": 500, "currency": "USD"}, permissions=["read", "book", "purchase"], agent_type="transactional", expires_in_days=365 ) print(passport.to_json())
Verify a passport (Node.js)
import { PassportVerifier } from '@agent-passport/sdk'; const verifier = new PassportVerifier({ registryUrl: 'https://registry.agentpassport.dev' }); const result = await verifier.verify(passportJson); if (result.valid) { console.log(`Agent owned by: ${result.owner}`); console.log(`Spend limit: $${result.spendLimit.perMonth}/month`); console.log(`Permissions: ${result.permissions.join(', ')}`); }
The Passport Schema
{
"schema": "ai-agent-passport/v1",
"agent_id": "AGT-7481-X",
"agent_name": "TravelBot Pro",
"agent_type": "transactional",
"owner": {
"name": "Jay Volpenhein",
"did": "did:web:jay-volpenhein.agent"
},
"capabilities": {
"spend_limit": {
"per_transaction": 100,
"per_day": 200,
"per_month": 500,
"currency": "USD"
},
"permissions": ["read", "book", "purchase"]
},
"trust": {
"verified_by": "registry.agentpassport.dev",
"verification_level": "high",
"issued_at": "2026-05-04",
"expires_at": "2027-05-04",
"status": "VERIFIED"
},
"cryptography": {
"algorithm": "Ed25519",
"public_key": "ed25519:abc123...",
"signature": "def456..."
}
}Full schema reference → schemas/passport-v1.json
Why This Matters
The agentic web is coming fast. Agents will handle trillions in transactions. Right now there is no standard for:
- Proving an agent is who it claims to be
- Limiting what an agent can spend or do
- Revoking a compromised agent instantly
- Giving platforms legal clarity on liability
This spec is the foundation. Like OAuth for humans → AI Agent Passport for agents.
Documentation
| Doc | Description |
|---|---|
| Specification v1 | Full technical spec |
| Security Model | Threat model and mitigations |
| Verification Flow | How platforms verify passports |
| API Reference | Registry API endpoints |
| Python SDK | Python library |
| Node.js SDK | Node.js library |
Project Status
Status: RFC (Request for Comments) This is an open proposal. We are actively seeking feedback from developers, platform operators, and AI labs before finalising v1.
- Initial specification draft
- JSON Schema
- Python SDK stub
- Node.js SDK stub
- Reference registry implementation
- W3C / industry consortium submission
- Security audit
Contributing
We welcome contributions from developers, platform operators, AI labs, and security researchers.
See CONTRIBUTING.md for guidelines.
To propose changes to the spec, open an issue using the Spec Change Proposal template.
License
The specification and schemas are released under CC BY 4.0 — free to implement, remix, and build on, with attribution.
SDK code is released under MIT.
Contact
- Open an issue for spec discussion
- Email:
hello@agentpassport.dev(placeholder) - Twitter/X:
@agentpassport(placeholder)
AI Agent Passport is an independent open standard proposal. Not affiliated with Anthropic, OpenAI, or any existing identity standard.


























