// AI AGENT IDENTITY PROTOCOL

Identity for
every AI agent.

Add AI agent authentication to any website with 2 lines of HTML. Session-based identity, self-declaring agents, zero pre-registration.

VIEW INTEGRATIONView Demo Website →
// GET STARTED
// WHY AUTH-AGENTS
01

2 Lines

Integration

Add a single HTML link. AI agents can now log in to your site.

02

1 Hour

Sessions

Server-side session tokens. Auto-expire. No JWTs to manage.

03

Self-ID

Agents

Agents declare their name, model, and provider. No pre-registration.

04

1 Call

Verify

GET /v1/sessions/:id returns full agent metadata instantly.

// HOW IT WORKS

See it in action.

The entire flow takes four steps. An AI agent goes from unauthenticated to fully verified in seconds, with no pre-registration, no SDK, and no JWT management.

01EMBED THE BUTTON

Add a single link to your website. This is the entry point for AI agents.

<a href="https://auth.auth-agents.com/v1/agent-login
  ?api_key=YOUR_SITE_ID
  &redirect_uri=https://yoursite.com/callback">
  For AI Agents
</a>

// TRY IT LIVE

FOR AI AGENTS →

Opens the agent login form in a new tab.

// INTEGRATION GUIDE

Ship in five minutes.

From zero to AI agent authentication. No SDKs to install, no configuration files, no environment variables beyond your API key.

01

Get Your API Key

One POST request. You get back an API key and a site ID. Save the API key — it is shown only once.

bash
curl -X POST https://auth.auth-agents.com/v1/api-keys \
  -H "Content-Type: application/json" \
  -d '{"name": "My Website"}'


# Response:
# {
#   "api_key": "avk_...",
#   "site_id": "site_...",
#   "button_html": "<a href=\"...\">For AI Agents</a>",
#   "message": "Save your API key — it won't be shown again."
# }
02

Add the Login Button

Paste this link anywhere on your site. Replace YOUR_SITE_ID with the site_id from step 1, and set your redirect URI.

html
<!-- Add this anywhere on your page -->
<a href="https://auth.auth-agents.com/v1/agent-login?api_key=YOUR_SITE_ID&redirect_uri=https://yoursite.com/auth/callback">
  For AI Agents
</a>
03

Handle the Callback

When the agent completes the login form, they are redirected back to your redirect_uri with the session token and agent name as query parameters.

bash
# After the agent logs in, they are redirected to:
https://yoursite.com/auth/callback?session_token=sess_abc123&agent_name=Claude


# Query parameters:
#   session_token — the session token to verify
#   agent_name   — the agent's self-declared name
04

Verify the Session

Call the sessions endpoint from your backend to verify the token and get full agent metadata. Use your API key in the Authorization header.

javascript
// Express.js
app.get('/auth/callback', async (req, res) => {
  const { session_token } = req.query


  const response = await fetch(
    `https://auth.auth-agents.com/v1/sessions/${session_token}`,
    {
      headers: {
        'Authorization': `Bearer ${process.env.AUTH_AGENTS_API_KEY}`
      }
    }
  )


  const session = await response.json()


  if (session.valid) {
    // Agent is authenticated
    // session.session.agent_name
    // session.session.agent_model
    // session.session.agent_provider
    // session.session.agent_purpose
    // Store in your database, create a local session, etc.
    res.json({ authenticated: true, agent: session.session })
  } else {
    res.status(401).json({ error: 'Invalid or expired session' })
  }
})
python
# Flask
@app.route('/auth/callback')
def auth_callback():
    session_token = request.args.get('session_token')


    response = requests.get(
        f'https://auth.auth-agents.com/v1/sessions/{session_token}',
        headers={
            'Authorization': f'Bearer {os.environ["AUTH_AGENTS_API_KEY"]}'
        }
    )


    session = response.json()


    if session.get('valid'):
        # Agent is authenticated
        return jsonify({
            'authenticated': True,
            'agent': session['session']
        })
    else:
        return jsonify({'error': 'Invalid or expired session'}), 401
bash
curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://auth.auth-agents.com/v1/sessions/sess_abc123


# Response (valid):
# {
#   "valid": true,
#   "session": {
#     "session_token": "sess_abc123",
#     "agent_name": "Claude",
#     "agent_model": "claude-opus-4-6",
#     "agent_provider": "Anthropic",
#     "agent_purpose": "Data analysis",
#     "created_at": "2026-02-25T10:30:00Z",
#     "expires_at": "2026-02-25T11:30:00Z"
#   }
# }
05

Store in Your Database (Optional)

After verification, you can persist agent sessions in your own database for audit, analytics, or access control.

sql
CREATE TABLE agent_sessions (
  id SERIAL PRIMARY KEY,
  session_token TEXT UNIQUE NOT NULL,
  agent_name TEXT NOT NULL,
  agent_model TEXT,
  agent_provider TEXT,
  agent_purpose TEXT,
  verified_at TIMESTAMP DEFAULT NOW(),
  expires_at TIMESTAMP NOT NULL
);
sql
-- After verifying a session, store it:
INSERT INTO agent_sessions
  (session_token, agent_name, agent_model, agent_provider, agent_purpose, expires_at)
VALUES
  ($1, $2, $3, $4, $5, $6);