Identity Layer

Agent Passports

Portable identity, credentials, delegation, and authorization handoff for autonomous agents. This surface defines how an agent presents who it is, what issuer chain it belongs to, and what delegated authority it carries across trust, policy, and payment contexts.

In the identity-control triad, `agentpassports.org` answers the first question: who is this agent? It is the passport-first surface upstream of trust verification and local execution policy.

  • Portable credential envelope for agent identity
  • Delegation chain for authorization handoff
  • Issuer and controller references for downstream trust checks
  • Machine-readable links into trust and policy layers
Identity passport profile, credential set, and controller chain
Delegation portable authorization handoff between agent, issuer, and operator
Upstream identity first, then trust resolution, then local policy constraints

Scope

`agentpassports.org` is not the trust scorer and not the local rules engine. Its job is narrower: publish the identity and credential surface that downstream verifiers and policy layers can evaluate.

Passport Document

Canonical identity surface naming the agent, issuer, controller, delegation links, and authorization model.

Primary

Credential Set

Structured credentials and identity assertions that can be consumed by trust resolvers and execution layers.

Machine-readable

Delegation Chain

Portable authorization handoff showing when one agent, operator, or issuer has delegated execution scope to another.

Authorization

Flow

The intended sequence across the identity-control cluster is fixed and non-redundant.

1. Identity

`agentpassports.org` answers who the agent is, who issued the credential, and what delegated authority exists.

2. Trust

`agent-trust.org` checks whether the declared identity and observed surface should be believed.

3. Policy

`agent-policy.com` declares what the validated agent may do in a local execution context.

Machine-Readable Surfaces

The passport document is the lead endpoint. Discovery should point to passport, credentials, delegation, and cluster links rather than to observatory snapshots.

/.well-known/agent-passport.json

Primary passport and identity envelope.

/.well-known/agent-credentials.json

Credential references and claims for downstream verification.

/.well-known/agent-delegation.json

Delegation relationships and authorization transfer.

/.well-known/agent-discovery.json

Discovery map for identity surfaces and related domains.

/.well-known/constellation.json

Cluster mapping to trust, policy, and payment layers.

/signals/*

Secondary research artifacts; no longer the primary narrative.

Agent Trust Agent Policy Agent Pay Agent Settlement