AgentTrust ID is live
Yaima Valdivia, Founder · June 8, 2026
This weekend, AgentTrust ID went live in production. As of today, all five SDKs are published:
pip install agenttrustid
npm install @agenttrustid/sdk
go get github.com/agenttrustid/sdk/go
cargo add agenttrustid
# Maven / Gradle
# id.agenttrust:agenttrustid:0.3.0
The SDKs are open source under Apache 2.0 at github.com/agenttrustid/sdk. The hosted platform is running at app.agenttrust.id in a controlled beta.
Why I built this
AI agents broke the assumptions that machine-to-machine security was built on. An API key answers one question: who is calling. It asks it once, at the door. An agent decides its next action at runtime, from context nobody wrote by hand. The same agent that summarized a document a second ago might now try to email it, delete it, or chain a task to another agent. A credential that only proves identity has no opinion about any of that.
Agents need a decision at the action boundary: should this specific action happen, right now, on whose behalf. Answered at runtime, every time, with an audit trail and a kill switch.
What's running
Everything below is live in production today, not a roadmap:
Per-action authorization. Every consequential action passes a pre-flight check. The Guardian pipeline routes each action by risk: deterministic rule checks for the common path, a policy engine for mutations, and AI-backed review for destructive operations. Fail-closed where it counts.
Opaque, instantly revocable tokens. Credentials are at_ references with no standing authority of their own. The server decides on every use, so revocation is one call, effective immediately.
Scoped delegation. When one agent hands work to another, the grant narrows instead of copying: subset scopes, independent TTLs, independently revocable, bounded chain depth.
Read-only sessions with time-boxed elevation. Sessions start safe and rise only on approval, for a bounded window, then revert on their own.
One model across surfaces. MCP tools, agent-to-agent calls, and direct API integrations all route through the same decision, not three security stories.
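A minimal in-memory model of the opaque-token and scoped-delegation items above, as an added example that is not AgentTrust ID's code or SDK API. GrantStore, its method names, MAX_DEPTH, and the rule that a revoked or expired parent also cuts off its children are assumptions made for illustration; only the at_ prefix comes from this post.

```python
import secrets
import time

MAX_DEPTH = 3  # assumed bound on delegation chain depth


class GrantStore:
    """Hypothetical in-memory stand-in for a server-side grant table."""

    def __init__(self):
        self._grants = {}  # opaque token -> grant record

    def issue(self, scopes, ttl, parent=None, now=None):
        """Create a root grant, or a narrowed child of `parent`."""
        now = time.time() if now is None else now
        scopes, depth = frozenset(scopes), 0
        if parent is not None:
            if not self.check(parent, None, now):
                raise PermissionError("parent grant is not active")
            p = self._grants[parent]
            if not scopes <= p["scopes"]:
                raise PermissionError("child scopes must be a subset")
            depth = p["depth"] + 1
            if depth > MAX_DEPTH:
                raise PermissionError("delegation chain too deep")
        token = "at_" + secrets.token_urlsafe(24)  # reference only, no claims
        self._grants[token] = {"scopes": scopes, "expires": now + ttl,
                               "parent": parent, "depth": depth,
                               "revoked": False}
        return token

    def revoke(self, token):
        """One write; every later check on this grant or its children fails."""
        self._grants[token]["revoked"] = True

    def check(self, token, scope, now=None):
        """Decide on each use. Unknown, expired or revoked links fail closed."""
        now = time.time() if now is None else now
        g = self._grants.get(token)
        if g is None or (scope is not None and scope not in g["scopes"]):
            return False
        while True:  # walk from this grant up to the root
            if g is None or g["revoked"] or now >= g["expires"]:
                return False
            if g["parent"] is None:
                return True
            g = self._grants.get(g["parent"])
```

Because the token carries no claims, nothing has to be re-issued or waited out after a revocation: the next check reads the updated record and denies.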
Where it stands
The platform is in an invite-only beta while I onboard design partners. If runtime authorization for agents is a problem you have right now, request access and tell me about your setup.
If you'd rather kick the tires first: the SDKs are open, the docs are public, including an honest "what's supported" page that says what this does not do yet. The design write-ups linked above explain the architecture in detail.
Agents are already acting at machine speed. The authorization layer should keep up. Now it does.