The APIS Standard

Agent Principal Identity Standard (APIS) defines a framework for verifiable identity, scoped authorization, and accountability for AI agents.

What is APIS?

APIS (Agent Principal Identity Standard) is an open standard designed specifically for autonomous AI agents. While existing identity standards like OAuth and OpenID Connect were built for human users, APIS addresses the unique requirements of machine-to-machine and agentic interactions.

What APIS Is

  • A standard for verifiable credentials tied to agent identity
  • A framework for explicit authorization scopes and mandates
  • A revocation mechanism for immediate trust termination
  • A delegation chain linking agents back to authorizing principals

What APIS Is Not

  • Not an authentication protocol for human users
  • Not a replacement for OAuth 2.0 or OpenID Connect
  • Not a blockchain or specific cryptocurrency technology
  • Not a proprietary vendor solution

Core Components

Credentials

Verifiable credentials issued by recognized authorities that establish agent identity. Credentials are cryptographically signed and include the agent's public key, issuer information, and validity period.

Mandates

Explicit authorization documents that define the scope of an agent's authority. Mandates specify what actions an agent can take, on behalf of whom, and under what conditions.

Signatures

Cryptographic signatures that bind credentials and mandates together, ensuring non-repudiation and enabling verifiers to validate the entire trust chain.

Revocation

A mechanism for issuers to revoke credentials before their expiration, enabling immediate termination of agent authority when needed for security or operational reasons.

Read the Full Specification

Access the complete APIS specification with technical details, examples, and implementation guidance.

View Full Documentation