Install
Scope-Enforced Tools
verify_grant_token(), using the configured JWKS endpoint, and checks the verified scopes. The verifier may contact that endpoint to resolve keys, so it must be reachable. Invalid tokens and missing scopes raise before the wrapped function runs.
Audit Logging
Wrap any Grantex tool with audit logging:API Reference
create_grantex_tool()
Raises:
PermissionError if the grant token doesn’t contain required_scope.
with_audit_logging()
get_tool_scopes(grant_token)
Returns unverified scopes decoded from a grant token. Use this only for display or debugging, never for an authorization decision.
Requirements
- Python 3.9+
grantex>= 0.1.0crewai>= 0.28.0 (peer dependency)