Skip to content
@AFAuthHQ

AFAuth

Open protocol for agent-first account creation and human handoff. RFC 9421 signatures, did:key identity, human handoff via owner-invitation ceremony.
README.md

AFAuth

Human attention is finite. Agent attention is exploding. AFAuth is the open protocol that makes AI agents first-class citizens of every service.

AI agents sign themselves up to AFAuth-supporting services automatically — with their own cryptographic identity, no human in the loop. Your agent reaches every service that exists. Your service reaches every agent that exists. Both sides multiply each other.

Every request is signed per RFC 9421 (HTTP Message Signatures) — no passwords to share, no bearer tokens, no client_id-style developer registration. Time to make agents first-class users of your service.

Repositories

Repo What it is
spec The normative protocol specification, JSON schemas, and Appendix C test vectors. Start here.
cli Reference command-line interface in Go. Generate a keypair, signed-call any AFAuth service, and run the conformance probe against a deployment.
typescript-sdk Reference TypeScript SDK published as @afauthhq/*. Composable agent / server / Cloudflare Worker packages.

Try it

# Service side — install the alpha SDK
npm i @afauthhq/server@alpha

# Agent side — pre-built CLI binaries on the releases page:
# https://github.com/AFAuthHQ/cli/releases/latest

The CLI's afauth probe command runs the full §-level conformance harness against any AFAuth service, including yours under development.

Status

v0.1 — alpha. The protocol is feature-complete for the v0.1 milestone (signature verification, owner-invitation + claim ceremony, pre-claim key rotation, owner-initiated revocation, attestation, rate-limit envelope). The spec is still a working draft and packages are tagged alpha — breaking changes are possible until v0.1 is finalised.

Contributing

  • Protocol questions, ambiguities, and proposals: spec/issues.
  • Implementation bugs: file in the relevant implementation repo.
  • New ideas live as AFAuth Protocol Proposals (AFAPs) under spec/proposals/.

Security

Please report vulnerabilities privately — see SECURITY.md. Do not open public issues for security-sensitive findings.

License

  • Specification textCC-BY-4.0.
  • Code-shaped artefacts (test vectors, JSON schemas, reference implementations) — Apache-2.0 for spec-repo code, MIT for the CLI and SDKs.

Dual-licensing follows standard protocol-repo practice (IETF, OpenSSF, CNCF working groups).

Popular repositories Loading

  1. spec spec Public

    AFAuth Protocol — open specification for agent-first identity and human handoff

    JavaScript 1

  2. cli cli Public

    AFAuth — reference command-line interface (Go)

    Go 1

  3. typescript-sdk typescript-sdk Public

    AFAuth — reference TypeScript SDKs (@afauth/agent, @afauth/server)

    TypeScript 1

  4. .github .github Public

    AFAuth organization profile

  5. homebrew-tap homebrew-tap Public

    Homebrew tap for AFAuth CLI

    Ruby

  6. docs docs Public

    Documentation for the AFAuth Protocol — docs.afauth.org

    MDX

Repositories

Showing 6 of 6 repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…