AgentPassport
DocsDemo
Documentation

AgentPassport API & Integration Guide

Everything you need to connect AI agents, verify passports, and enforce trust. From quick start to advanced flows.

Quick start
Passport verification
Connect agents
Runtime API
Trust & policy
SDK & examples

Quick start

Get from zero to a verified agent in 5 minutes.

  1. 1Create an account and organization at agentspassports.com
  2. 2Register a runtime (Runtimes → Register runtime) and copy your rtk_ key
  3. 3Send heartbeat + discover from your agent (see Connect agents below)
  4. 4Issue a passport from the agent detail page
  5. 5Verify passports in your service via POST /api/passport/verify

Passport verification

Your service receives a passport JWT (Bearer token or in the body). Call our API to verify it.

cURL
curl -X POST https://agentspassports.com/api/passport/verify \
  -H "Content-Type: application/json" \
  -d '{"passport_token": "<agent-passport-jwt>"}'

Success response (200)

{
  "valid": true,
  "agent_id": "clx...",
  "agent_name": "My Agent",
  "agent_slug": "my-agent",
  "org_id": "clx...",
  "org_slug": "acme",
  "scopes": ["read", "execute"],
  "environment": "PRODUCTION",
  "trust": {
    "score": 75,
    "tier": "TRUSTED",
    "tierLabel": "Trusted",
    "signals": [...]
  },
  "policy": { "allowed": true, ... }
}

Error responses

  • 401 — Invalid or expired token, or passport revoked
  • 403 — Policy denied or approval required

Revocation is effective within 60 seconds. Do not cache verification results longer than that.

Connect agents

Register your agent with AgentPassport using the runtime API. Requires a runtime key (rtk_...).

1. Send heartbeat

Node.js
const headers = { "X-Runtime-Key": process.env.AP_RUNTIME_KEY, "Content-Type": "application/json" };

await fetch("https://agentspassports.com/api/runtime/heartbeat", {
  method: "POST",
  headers,
  body: JSON.stringify({ status: "ONLINE" }),
});

2. Discover agent

Payload must be agents array with name, slug, environment (SANDBOX, STAGING, or PRODUCTION).

Node.js
await fetch("https://agentspassports.com/api/runtime/agents/discover", {
  method: "POST",
  headers,
  body: JSON.stringify({
    agents: [{ name: "My Agent", slug: "my-agent", environment: "PRODUCTION" }],
  }),
});

OpenClaw env vars

AP_RUNTIME_KEY=rtk_your_key_here
AP_API_URL=https://agentspassports.com
AP_ORG_SLUG=your-org-slug

Runtime API

All runtime endpoints require X-Runtime-Key: rtk_... header.

MethodPathDescription
POST/api/runtime/heartbeatMark runtime online. Body: { status: "ONLINE" }
POST/api/runtime/agents/discoverRegister agents. Body: { agents: [...] }
GET/api/runtime/agentsList agents for this runtime

Trust & policy

Every verification returns a trust score (0–100) with explainable signals. Policies can DENY or REQUIRE_APPROVAL.

Verified organizationProduction environmentRuntime connectedVerification historyAccount ageClean history

SDK & examples

Use the official SDK for TypeScript/JavaScript.

Install
npm install agentpassport
Verify passport
import { AgentPassportClient } from "agentpassport";

const client = new AgentPassportClient({ baseUrl: "https://agentspassports.com" });

const result = await client.verifyPassport(agentJwt, {
  requiredScopes: ["read", "execute"],
});

if (!result.valid) throw new Error(result.reason ?? "Unauthorized");
console.log("Agent:", result.agent_name, "Trust:", result.trust?.score);

Ready to get started?

Create your first passport in under 5 minutes.