Three Primitives
Grantex introduces three primitives for agent authorization:
Agent Identity
Every agent registered with Grantex receives a cryptographic DID (Decentralized Identifier). This identity is embedded in every grant token the agent receives, allowing any service to verify which agent is acting.
Delegated Grant
A delegated grant is a human-approved, scoped, time-limited permission token. The user sees a plain-language consent UI describing exactly what the agent can do. Once approved, Grantex issues an RS256-signed JWT — the grant token — that the agent presents to services.
Audit Trail
Every action taken by an authorized agent is logged to an append-only, hash-chained audit trail. Each entry references the previous entry’s hash, creating a tamper-evident chain that can be verified independently.
The Authorization Flow
Step by step
-
Register — The developer registers their agent with Grantex, declaring a name, description, and the scopes (permissions) the agent needs.
-
Authorize — When the agent needs to act on behalf of a user, it initiates an authorization request. The user is redirected to a consent UI showing exactly what permissions are being requested.
-
Approve — The user reviews the scopes in plain language and approves (or denies). On approval, Grantex returns an authorization code to your redirect URI.
-
Exchange — Your application exchanges the authorization code for a signed grant token (RS256 JWT). This token contains the user’s identity, the agent’s DID, granted scopes, and expiry.
-
Verify — Any service receiving the grant token can verify it offline using the published JWKS endpoint. No Grantex account or API call needed — just fetch the public keys.
-
Audit — As the agent takes actions, each one is logged to the audit trail with the agent ID, grant ID, action name, and outcome.
-
Revoke — The user can revoke any grant at any time. Revocation is effective immediately — the token is blocklisted in Redis and subsequent verification calls reject it.
Why an Open Standard?
- Model-neutral — Works with OpenAI, Anthropic, Google, Llama, Mistral. No single AI provider can credibly own the authorization layer for their competitors’ agents.
- Framework-native — First-class integrations for LangChain, AutoGen, CrewAI, Vercel AI, and more.
- Locally verifiable — Services verify signatures and claims with published
JWKS keys, without a per-token call to the Grantex verification API. The JWKS
endpoint must remain reachable whenever a verifier needs current keys.
- Compliance-supporting controls — Audit, scope, consent, and revocation
features can provide evidence for applicable frameworks. They do not by
themselves determine legal compliance or a system’s risk classification.
Last modified on July 11, 2026