The living specification for AI agent identity, capabilities, and policy enforcement. Secure, verifiable, and interoperable across platforms with one /verify call.
A standardized format for AI agent identity, capabilities, and policy enforcement that enables secure, verifiable, and interoperable agent authentication.
Ed25519 signatures with JCS canonicalization for tamper-proof decisions
Passport and Decision objects with JSON schemas for validation
Extensible policy system with built-in packs for common operations
Verifiable Credentials support for cross-platform compatibility
Every policy evaluation returns a standardized Decision object with cryptographic signatures, expiration times, and detailed reasoning.
Ed25519 signatures over JCS-canonicalized payloads
Configurable expiration with 30s suspend semantics
Structured error codes and human-readable messages
{
"decision_id": "dec_123...",
"allow": true,
"reasons": [],
"expires_in": 300,
"assurance_level": "L2",
"passport_digest": "sha256:...",
"signature": "eyJhbGciOiJFZERTQSJ9...",
"kid": "oap:registry:key123"
}Pre-built policy logic for common operations. Extensible system that supports custom capabilities and enforcement rules.
Financial refund operations with currency limits and fraud protection
Data export operations with PII controls and row limits
Repository operations with PR limits and merge controls
Validate your OAP implementation with our comprehensive test suite. Get certified and join the ecosystem of compliant implementations.
Get the OAP conformance test suite
git clone https://github.com/aporthq/oap-spec.git cd oap-spec/spec/conformance pnpm install
Validate your implementation against OAP schemas
pnpm test --pack finance.payment.refund.v1 pnpm test --pack data.export.create.v1
Pass all tests to receive OAP compliance certification
✅ PASS: finance.payment.refund.v1 ✅ PASS: data.export.create.v1 🎉 OAP Compliant!
Join the ecosystem of secure, interoperable AI agents. Start with our specification and conformance tools.