Open Standards for Verifiable AI Agent Identity

Passport Alliance governs APIS v2.0, the Agent Passport Issuance Standard for agent legal identity, hardware trust anchors, and interoperable delegation across organizations and frameworks.

Read DocumentationBecome an Issuer

The Core Questions

When you interact with an autonomous agent, you need answers to fundamental questions:

1

Who is the agent?

Verifiable identity proving the agent is who it claims to be, issued by a trusted authority.

2

Who authorized it?

Clear delegation chain showing the principal (human or organization) that authorized the agent's actions.

3

What can it do?

Explicit scope defining the boundaries of the agent's authority and permitted actions.

4

Can we revoke it?

Revocable credentials enabling immediate termination of agent authority when needed.

Three Pillars of Trust

APIS v2.0 establishes a foundation for agent identity, authorization, hardware-rooted trust, and revocation.

Identity

Realm-scoped DIDs and Agent Passports that bind an agent key to an issuer, principal, mandate, and trust tier.

Authorization

Principal-signed mandates that define what an agent is permitted to do, on whose behalf, and under what constraints.

Accountability

Signed agent actions, public verification, and revocation by nonce increment for trust enforcement.

How It Works

A trust chain from Realm Issuers to principals, mandates, delegates, and machine trust anchors.

Realm Issuer

Issues passports

Principal

Authorizes agents

Delegate

Signs authorized actions

Why Now?

Enterprise and public-sector risk demands standardized agent identity

Autonomous agents are proliferating

Organizations are deploying AI agents for increasingly sensitive operations, from financial transactions to data access.

Regulatory pressure is increasing

Compliance frameworks increasingly require demonstrable control and auditability of automated systems.

No existing standard addresses this

Current identity standards were designed for humans and services, not autonomous delegated agents. APIS v2.0 fills this gap.

Built for the Ecosystem

Three roles working together within the APIS framework

Issuers

Trusted authorities that issue verifiable credentials to principals and agents.

Learn about issuing →

Developers

Build agent systems that implement APIS for identity and authorization.

Start building →

Verifiers

Systems that validate credentials and enforce authorization policies.

Understand the standard →

Ready to get started?

Join the effort to establish identity and authorization standards for AI agents.

Read the DocumentationContact Us