Grantex lets humans authorize AI agents with verifiable, revocable, audited grants — an open protocol built on JWT and the OAuth 2.0 model.
Today's AI frameworks offer no standard way to authorize, audit, or revoke what agents do on behalf of humans.
Agents invoke APIs, read files, and send emails — with no verifiable proof that a human consented. If something goes wrong, there's no audit trail to follow.
Once an agent has a credential, revoking it requires hunting down every token manually. There's no standard for instant, cascading invalidation across sub-delegations.
Compliance requires knowing exactly what each agent did, when, and under whose authority. Without a tamper-evident audit trail, you're flying blind.
Five steps from consent to revocation, all enforced by cryptography.
Your app calls POST /v1/authorize
with the agent ID, user ID, and requested scopes. Grantex returns
a consent URL — redirect the user there.
The user sees exactly what the agent wants to do, described in plain English. One click — approved. Your redirect callback receives an authorization code.
Call grantex.tokens.exchange({ code, agentId })
to swap the authorization code for a signed RS256 JWT grant token
(JTI-tracked, scoped, time-limited).
Present the token to any microservice. It verifies the RS256 signature
against the public JWKS without a network round-trip, or calls
POST /v1/tokens/verify for
real-time revocation status.
Call POST /v1/tokens/revoke.
The JTI is blocklisted in Redis immediately. All sub-delegated tokens
derived from this grant are invalidated in the same operation.
Install the SDK and authorize your first agent in under 10 lines.
npm install @grantex/sdk
Copy
pip install grantex
Copy
// npm install @grantex/sdk import { Grantex, verifyGrantToken } from '@grantex/sdk'; const grantex = new Grantex({ apiKey: 'YOUR_API_KEY' }); // 1. Request authorization — redirect user to consentUrl const { consentUrl } = await grantex.authorize({ agentId: 'ag_01J...', userId: 'usr_01J...', scopes: ['calendar:read', 'email:send'], }); // 2. Exchange the authorization code for a grant token const token = await grantex.tokens.exchange({ code, agentId: 'ag_01J...' }); // 3. Verify offline — no network call needed const grant = await verifyGrantToken(token.grantToken, { jwksUri: 'https://api.grantex.dev/.well-known/jwks.json', }); console.log(grant.scopes); // ['calendar:read', 'email:send']
# pip install grantex from grantex import Grantex, ExchangeTokenParams client = Grantex(api_key="YOUR_API_KEY") # 1. Request authorization — redirect user to consent_url auth = client.authorize( agent_id="ag_01J...", user_id="usr_01J...", scopes=["calendar:read", "email:send"], ) # 2. Exchange the authorization code for a grant token token = client.tokens.exchange(ExchangeTokenParams(code=code, agent_id="ag_01J...")) # 3. Use the token — scopes, grantId, and JWT are all available print(token.scopes) # ('calendar:read', 'email:send') print(token.grant_token) # RS256-signed JWT
Drop Grantex into any AI framework or language runtime.
End-to-end examples for every SDK and framework integration. Clone the repo, start the local stack, and run.
Core authorization lifecycle — register agent, authorize, exchange code, verify token offline, log audit entry, revoke.
Same core flow in Python — register, authorize, exchange, verify offline, audit, and revoke using the Python SDK.
Scoped tools with automatic audit callbacks. Create tools via
createGrantexTool,
attach audit handler, invoke.
Vercel AI SDK tools with Zod schemas, scope enforcement, and
withAuditLogging
wrapper. Works with generateText.
CrewAI tools with offline scope enforcement and audit logging. Demonstrates PermissionError on unauthorized scopes.
OpenAI Agents SDK tools with Grantex scope enforcement.
Uses @function_tool
decorator pattern with offline JWT scope checks.
Google Agent Development Kit tools with Grantex scope enforcement. Plain functions with docstrings — no decorator needed.
Security audited, standards-track, open source.
External security review found no critical or high severity findings. Full report available to enterprise customers under NDA.
Controls for Security, Availability, and Confidentiality trust service criteria reviewed and attested by an independent CPA firm.
The Grantex wire protocol is an open IETF Internet-Draft
(draft-mishra-oauth-agent-grants-00),
built on the OAuth 2.0 framework.
Connect with developers building the trust layer for AI agents.
Ask questions, share what you're building, and get help from the community and maintainers.
Propose RFCs, ask design questions, and participate in protocol discussions.
Grantex is Apache 2.0 licensed. Star the repo to follow releases and show your support.
Define fine-grained scope restrictions, rate limits, and time-bound grants per agent or team.
Sync agents and principals from your identity provider automatically.
Sign in with Okta, Azure AD, Google Workspace, or any OIDC provider.
Pattern-based detection of unusual grant activity with real-time alerting.
SOC 2 and GDPR-ready audit log exports in standard formats.
Self-host the entire stack with our production Docker Compose configuration.
Encrypted per-user credential store. Agents exchange grant tokens for upstream service credentials.
Drop-in OAuth 2.1 + PKCE authorization for any MCP server with dynamic client registration.
Real-time SSE and WebSocket streams with Datadog, Splunk, S3, BigQuery, and Kafka destinations.
Per-grant spending limits with atomic debit, threshold alerts, and JWT budget claims.
Prometheus metrics, OpenTelemetry tracing, and Grafana dashboard templates out of the box.
Manage agents, policies, webhooks, and budgets as infrastructure with the official Terraform provider.
Pluggable policy engines — delegate authorization to Open Policy Agent or AWS Cedar.
Manage policies in Git with versioned bundles and automatic sync via webhooks.
Grantex grant tokens inside Google A2A agent-to-agent communication. TypeScript and Python.
Real-time API usage tracking with Redis counters, daily rollup, and per-plan rate limits.
Use your own domain for API endpoints with DNS TXT record verification.
We work directly with engineering and security teams to design the right integration. Volume pricing and custom SLAs available.