APort

Authorization infrastructure for the AI agent economy

Open Agent Passport v1.0 -
AlphaEd25519JSON Schema

Open Agent Passport (OAP)
Specification

The living specification for AI agent identity, capabilities, and policy enforcement. Secure, verifiable, and interoperable across platforms with one /verify call.

Sub-100ms decisions
Cryptographic security
Policy enforcement
Verifiable Credentials
View on GitHub

What is OAP?

A standardized format for AI agent identity, capabilities, and policy enforcement that enables secure, verifiable, and interoperable agent authentication.

Cryptographic Security

Ed25519 signatures with JCS canonicalization for tamper-proof decisions

Standardized Objects

Passport and Decision objects with JSON schemas for validation

Policy Packs

Extensible policy system with built-in packs for common operations

Interoperability

Verifiable Credentials support for cross-platform compatibility

Decision Object

Every policy evaluation returns a standardized Decision object with cryptographic signatures, expiration times, and detailed reasoning.

Cryptographic Signatures

Ed25519 signatures over JCS-canonicalized payloads

TTL & Caching

Configurable expiration with 30s suspend semantics

Detailed Reasoning

Structured error codes and human-readable messages

View Decision Schema

Example Decision

{
  "decision_id": "dec_123...",
  "allow": true,
  "reasons": [],
  "expires_in": 300,
  "assurance_level": "L2",
  "passport_digest": "sha256:...",
  "signature": "eyJhbGciOiJFZERTQSJ9...",
  "kid": "oap:registry:key123"
}

Policy Packs

Pre-built policy logic for common operations. Extensible system that supports custom capabilities and enforcement rules.

Payments Refund

L2+

Financial refund operations with currency limits and fraud protection

finance.payment.refund
finance.payment.refund.v1
Learn more

Data Export

L1+

Data export operations with PII controls and row limits

data.export
data.export.create.v1
Learn more

Repository Release

L2+

Repository operations with PR limits and merge controls

repo.pr.create, repo.merge
code.repository.merge.v1
Learn more
Browse All Policy Packs

How to Pass Conformance

Validate your OAP implementation with our comprehensive test suite. Get certified and join the ecosystem of compliant implementations.

1

Install Conformance Runner

Get the OAP conformance test suite

git clone https://github.com/aporthq/oap-spec.git
cd oap-spec/spec/conformance
pnpm install
2

Run Tests

Validate your implementation against OAP schemas

pnpm test --pack finance.payment.refund.v1
pnpm test --pack data.export.create.v1
3

Get Certified

Pass all tests to receive OAP compliance certification

✅ PASS: finance.payment.refund.v1
✅ PASS: data.export.create.v1
🎉 OAP Compliant!
Start Conformance Testing

Ready to Implement OAP?

Join the ecosystem of secure, interoperable AI agents. Start with our specification and conformance tools.

Read Full SpecRun Conformance Tests