APort

Authorization infrastructure for the AI agent economy

APort

Authorization infrastructure for the AI agent economy

APAPORT

Developer Docs

Everything you need to build secure, compliant AI agents.
Integrate in minutes, not days.

Get Started
API Explorer

Quick Start

5-Min Quickstart

Get started with APort in under 5 minutes. Create your first agent and verify it.

API Reference

Interactive API explorer with live examples and complete endpoint documentation.

SDKs & Middleware

Drop-in middleware for Express.js and FastAPI. Production-ready in minutes.

Integration Examples

Copy, paste, and you're done. Production-ready code examples for Express.js, FastAPI, and more.

cURL

Verify Agent

No authentication required. Returns complete passport data.

curl "https://aport.io/api/verify/ap_xxx"

# Response includes:
# - Passport metadata
# - MCP configuration
# - Policy evaluation
JavaScript

Express Middleware

Drop-in middleware for automatic verification.

const { requirePolicy } = require('@aporthq/middleware-express');

app.post('/api/refunds',
  requirePolicy("finance.payment.refund.v1", "ap_xxx"),
  (req, res) => {
    res.json({ success: true });
  }
);
JavaScript

File Read Policy

Prevent SSH key theft and .env file access.

// Check before reading any file
const decision = await aport.verify("data.file.read.v1", {
  agent_id: "ap_xxx",
  file_path: "/tmp/report.txt"
});

if (!decision.allow) {
  throw new Error("Access denied");
}

// Safe to read - policy passed
const content = await fs.readFile(file_path);
JavaScript

File Write Policy

Block writes to /etc, /bin, and system directories.

// Check before writing any file
const decision = await aport.verify("data.file.write.v1", {
  agent_id: "ap_xxx",
  file_path: "/tmp/output.json",
  content_size_mb: 2.5
});

if (!decision.allow) {
  throw new Error(decision.reasons[0].message);
}

// Safe to write - policy passed
await fs.writeFile(file_path, content);

Core Features

Agent Verification

Cryptographically signed passports with real-time status verification and policy evaluation.

MCP Support

Model Context Protocol allowlists for servers and tools with automatic enforcement.

Policy Enforcement

Pre-action verification with policy packs for finance, data, messaging, and code.

Three Authentication Methods

Choose the right auth method for your use case

No Auth

Public verification endpoints

/api/verify/*

API Keys

Server-to-server access

Bearer apk_...

JWT Tokens

User sessions & interactive

Bearer eyJ0...
APAPORT?

Need Help Getting Started?

Our team is here to help you integrate APort into your application.

Start Building
Join Design Partners