APIS v2.1 Standard

The Agent Passport Issuance Standard defines verifiable agent identity, delegation, proof artifacts, issuance profiles, and public verification records.

What is APIS?

APIS v2.1 is the current canonical Passport Alliance standard for autonomous AI agents. It supersedes APIS v2.0 and sharpens the publication model around issuer-verifiable credentials, trust-tier signaling, proof artifacts, and registry-ready profile and verification surfaces.

What APIS Is

  • A standard for verifiable credentials tied to agent identity
  • A framework for explicit authorization scopes, principals, delegates, and mandates
  • A status and revocation model based on issuer-published verification records and monotonic nonce increments
  • A delegation chain linking agents back to authorizing principals and issuers
  • A trust-tier model spanning physical TPM, attestable virtual TPM, namespace proof, software HSM, and development keys
  • A publication surface for profiles, minted passport proofs, and public registry entries

What APIS Is Not

  • Not an authentication protocol for human users
  • Not a replacement for OAuth 2.0 or OpenID Connect
  • Not a blockchain or specific cryptocurrency technology
  • Not a proprietary vendor solution

Core Components

Credentials

Agent Passports and Machine Passports are issued by recognized Realm Issuers. Minted credentials bind keys, principals, delegates, trust tiers, issuer metadata, and validity periods.

Mandates

Principal-signed authorization documents that define the delegate relationship, permitted actions, authority boundaries, and operating conditions.

Profiles and Registry Records

APIS v2.1 distinguishes the issuance class from the issued credential. A Profile defines how a passport class is issued, while a Registry Entry is the public verification record for a minted credential instance.

Signatures

Cryptographic signatures that bind credentials and mandates together, ensuring non-repudiation and enabling verifiers to validate the entire trust chain.

Revocation

Issuer status endpoints, proof artifacts, and nonce increments allow verifiers to reject stale credentials or signed actions immediately after suspension or revocation.

Hardware Trust Anchors

APIS v2.1 records the strength of the underlying key custody environment, from Tier 1 physical TPM and confidential-compute evidence to Tier 4 development keys.

Read the Full Specification

Access the canonical APIS v2.1 publication and implementation guidance.

View DOI Publication