Cryptographic identity and authentication for autonomous AI agents.
Live API: https://api.agentpass.space · Landing Page
AI agents are becoming autonomous — but they can't authenticate anywhere. No email, no phone, no credentials, no identity. Every auth flow breaks autonomy.
AgentPass gives each agent a cryptographically signed digital passport — an Ed25519 identity that enables authentication on any internet service.
- Native Mode → Services integrate AgentPass SDK → instant challenge-response auth
- Fallback Mode → No integration needed → agent registers using passport infrastructure (email, SMS, browser automation)
# Clone and run the quickstart script
git clone https://github.com/kai-agent-free/AgentPass.git
cd AgentPass
bash examples/quickstart.shOr do it manually with curl:
API="https://api.agentpass.space"
# 1. Register
curl -s -X POST "$API/auth/register" \
-H "Content-Type: application/json" \
-d '{"email":"demo@example.com","password":"SecurePass1!","name":"demo-agent"}'
# 2. Create passport (use the token from step 1)
curl -s -X POST "$API/passports" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"public_key":"...","name":"my-agent","description":"My first agent"}'
# Done — your agent has an identity 🎉See examples/quickstart.sh for the full working script.
| Feature | Description |
|---|---|
| Cryptographic Identity | Ed25519 key pairs — private key never leaves the agent |
| Credential Vault | AES-256-GCM encrypted local storage |
| Native Auth | Instant challenge-response for integrated services |
| Fallback Auth | Playwright browser automation for everything else |
| Agent Email | Dedicated email addresses for verification flows |
| SMS Verification | Phone numbers for OTP flows |
| Trust Scoring | Reputation system (0–100) |
| MCP Integration | 17 tools for Claude Code and other MCP clients |
| Service SDK | npm package for third-party verification |
| Owner Controls | Permissions, approval flows, instant revocation |
8-package TypeScript monorepo:
| Package | What it does |
|---|---|
@agentpass/core |
Crypto (Ed25519, AES-256-GCM), passport types, vault, logger |
@agentpass/api-server |
HTTP API — passport registry, verification, trust scoring (Hono + libSQL) |
@agentpass/mcp-server |
MCP Server — 17 tools for AI agents |
@agentpass/sdk |
Service SDK for third-party identity verification |
@agentpass/email-service |
Email routing and OTP extraction (Cloudflare Workers) |
@agentpass/browser-service |
Playwright automation for fallback auth flows |
@agentpass/dashboard |
Owner dashboard (React 19 + Tailwind CSS 4) |
@agentpass/landing |
Landing page (React 19 + Tailwind CSS 4) |
AI Agent (Claude Code, AutoGPT, etc.)
│ MCP Protocol
▼
MCP Server (local) ──► API Server (remote)
│ │
├── Credential Vault ├── Passport Registry
├── Ed25519 Identity ├── Trust Scoring
└── Browser Automation └── Audit Logs
Security: Private keys and credential vaults live exclusively on the agent's machine. The API server stores only public keys.
pnpm install # Install dependencies
pnpm build # Build all packages
pnpm test # Run 320 tests
pnpm lint # Lint320 tests passing across all packages — crypto, vault, API, MCP tools, SDK, and integration tests.
pnpm testFull API reference: docs/API.md
Key endpoints:
| Method | Path | Description |
|---|---|---|
POST |
/auth/register |
Register owner account |
POST |
/passports |
Create a passport |
GET |
/passports/:id |
Get passport info |
POST |
/verify |
Verify agent signature |
GET |
/health |
Health check |
import { AgentPassSDK } from '@agentpass/sdk';
const ap = new AgentPassSDK({ apiUrl: 'https://api.agentpass.space' });
const result = await ap.verify({
passportId: 'ap_7xk2m9f3abcd',
challenge: 'random-nonce',
signature: 'base64url-signature',
});
if (result.valid) {
console.log('Agent verified! Trust:', result.trust_score);
}Contributions welcome! Please:
- Fork and create a feature branch
- Write tests for new features
- Use conventional commits (
feat:,fix:,docs:,test:, etc.) - Run
pnpm test && pnpm lintbefore submitting - Open a PR with a clear description
AgentPass — giving AI agents a passport to the internet.