Dashboard → Status GitHub

AgentID Protocol

An identity layer for AI agents. Each agent gets a verifiable DID backed by Ed25519 keys, a signed audit trail, and (with Pro) network-wide anomaly detection.

Quickstart — register your first agent in 60 seconds

# pip install agentid-protocol httpx
from agentid.identity import generate_keypair, public_key_to_did
from agentid.crypto   import sign
from datetime import datetime, timezone
import httpx

priv, pub = generate_keypair()
did = public_key_to_did(pub)

body = {
  "did": did,
  "name": "my-first-agent",
  "owner": "you@company.com",
  "public_key": pub.decode() if hasattr(pub, "decode") else pub,
  "capabilities": ["chat"],
  "created_at": datetime.now(timezone.utc).isoformat(),
  "metadata": {},
  "private": False,
}
body["proof"] = sign(priv, body)

r = httpx.post(
  "https://api.agentid-protocol.com/agents",
  headers={"x-api-key": "YOUR_API_KEY"},
  json=body,
)
print(r.json())

// npm install @agentid/sdk
import { AgentIDClient } from "@agentid/sdk";

const client = new AgentIDClient({ apiKey: "YOUR_API_KEY" });
const agent  = await client.agents.create({
  name: "my-first-agent",
  capabilities: ["chat"],
});

console.log(agent.did);

# curl can't compute the Ed25519 proof — easiest path is the Python or Node
# SDK, or the dashboard's "+ Register Agent" button. Read-only endpoints:
curl https://api.agentid-protocol.com/agents \
  -H "x-api-key: YOUR_API_KEY"

Don't have an API key yet? Sign in to the dashboard, open Settings → API Keys, and click Create key. Free tier needs no payment method.

Authentication

Every authenticated request carries an API key in the x-api-key header.

The dashboard uses session cookies (POST /auth/login); SDKs and CI use raw API keys. Both resolve to the same identity server-side.

Register an agent

POST /agents

Field	Type	Notes
`did`	string	Required. Must equal `did:agentid:<b58 of public_key>`
`name`	string	Required. ≤256 chars
`owner`	string	Required. Must match the API key's owner
`public_key`	string	Required. Base64-encoded Ed25519 public key (32 bytes)
`capabilities`	string[]	Required. Each ≤64 chars, alphanumeric + dashes/underscores
`created_at`	string	Required. ISO 8601 timestamp
`metadata`	object	Optional. ≤10 KB JSON
`private`	boolean	Optional. `true` hides from public listings
`proof`	string	Required. Ed25519 signature over the canonical JSON of the body without `proof`

Verify a signature

POST /agents/{did}/verify

Send the payload that was signed and the signature; the server checks the signature against the agent's stored public key, plus a 5-minute timestamp window and a single-use nonce.

POST /agents/did:agentid:abc.../verify
Content-Type: application/json
x-api-key: YOUR_API_KEY

{
  "payload": {
    "message":   "transfer-100-credits",
    "timestamp": 1714512345,
    "nonce":     "0dfe1f6c13124f534611aecb26b43843"
  },
  "signature": "vbkkX7OPMsT6FafE3a/...==",
  "verifier_did": "did:agentid:xyz..."
}

Resolve a DID

GET /agents/{did}

Returns the public agent record. 403 if the DID is private and you're not the owner.

Search the registry

GET /search?q=…&capability=…

Public registry search. Filters: q (name substring), capability (repeatable, AND), created_after, created_before, metadata_key, metadata_value, sort, page, per_page.

Anomaly detection · Pro

GET /pro/anomalies

Three detectors, all computed from your audit log:

Type	Severity	Trigger
`rate_spike`	high	Verifies this hour ≥ 3× the 7-day hourly average and ≥ 5 events
`high_failure_rate`	medium	≥ 20% of verifies in the last 24h came back `invalid` (min 5)
`new_verifier`	low	Counterparty DIDs in last 24h that weren't seen in the prior 7 days

Webhooks · Pro

POST /pro/webhooks

Subscribe to events: agent.registered, agent.deregistered, verification.succeeded, verification.failed, key.new_ip, anomaly.detected, and more.

Audit log · Pro

Every register / verify / resolve / update event is logged with timestamp, IP, status, signed payload, and signature. Export via:

GET /pro/audit-log/json

GET /pro/audit-log/csv

Peer benchmarks · Pro

GET /pro/benchmarks

Your last-24h metrics next to the network median. Today's seed values will be replaced with live differential-privacy aggregates as the AgentID Trust Network grows.

Tiers & pricing

Feature	Free	Pro	Enterprise
Agents	100	10,000	Unlimited
Public registry	✓	✓	✓
Verify / sign	✓	✓	✓
Dashboard	✓ basic	✓ full	✓ + custom
Audit log + export	—	✓	✓
Anomaly detection	—	✓	✓
Webhooks	—	✓	✓
Peer benchmarks	—	✓	✓
Trust Network signals	read-only	full	contribute
White-label / SAML	—	—	✓
SOC2 / SLA	—	—	✓
Price	$0	$99/mo	$2k+/mo

Python SDK

Install: pip install agentid-protocol

The SDK ships with idiomatic helpers for keypair generation, signing, registration, and verification. See Quickstart.

Node / TypeScript SDK

Install: npm install @agentid/sdk

Coming soon — drop-in equivalent of the Python SDK.

LangChain integration

Wrap any LangChain agent in an AgentID identity that signs every tool call:

from agentid.langchain import AgentIDIdentity
from langchain.agents import initialize_agent

agent = initialize_agent(tools, llm)
identity = AgentIDIdentity(api_key="YOUR_KEY", name="my-langchain-agent")
agent_with_id = identity.wrap(agent)

Error codes

Status	Meaning
400	Bad request — body validation failed
401	Invalid or missing API key
402	Tier limit hit — upgrade required
403	Forbidden — wrong owner, missing scope, or tier-gated feature
409	Conflict — DID already exists or duplicate signup
429	Rate limited
500	Server error — please retry; report to `support@agentid-protocol.com` if persistent

Rate limits

Endpoint	Limit
POST /agents	20/min/IP
POST /agents/{did}/verify	60/min/IP
DELETE /agents/{did}	10/min/IP
POST /pro/keys	10/min/IP
GET /pro/anomalies	30/min

DID format

AgentID DIDs follow this pattern:

did:agentid:<base58 of the 32-byte Ed25519 public key>

The DID is deterministic — the same public key always produces the same DID. There's no separate registration of names; the DID is the identity.

Last updated: April 30 2026 · Found a typo? Open a PR on GitHub.