Skip to main content

Install

Scope-Enforced Tools

Wrap any tool function with createGrantexTool to enforce Grantex scope authorization before execution:
Before executing the tool, the wrapper verifies the token signature and claims with verifyGrantToken(), using the configured JWKS endpoint, and then checks the verified scp claim. The verifier may contact that endpoint to resolve keys, so it must be reachable. Invalid tokens and missing scopes fail before your function runs.

Audit Logging

Attach GrantexAuditHandler as a LangChain callback to automatically log every tool invocation to the Grantex audit trail:
Each tool call logs:
  • tool:<toolName> with status: 'success' on success
  • tool:error with status: 'failure' on error

API Reference

createGrantexTool(options)

Creates a LangChain DynamicTool with Grantex scope enforcement.

GrantexAuditHandler

LangChain callback handler that writes tool invocations to the Grantex audit trail.

Requirements

  • Node.js 18+
  • @grantex/sdk >= 0.1.0
  • @langchain/core >= 0.3.0
Last modified on July 11, 2026