Quick Start
Get up and running with AZTP Client in a real-world multi-agent workflow!
Note: This example demonstrates how to secure and link multiple agents and services using aztp-client. Replace the agent and service classes with your own implementations as needed. For brevity, implementation details of agent and storage classes are omitted.
What This Example Does
This quick start demonstrates how to use AZTP (Agentic Zero Trust Protocol) to establish a secure trust chain between multiple agents and services in a blog generation workflow.
If any agent's identity in the chain is revoked, expired, or fails verification, the entire workflow is halted and trust is broken—no further actions can be performed. This ensures that only valid, authorized agents can participate at every step.
Python Example
from aztp_client import Aztp
from agents.research_agent import ResearchAgent
from agents.blog_agent import BlogAgent
from services.storage import StorageService
import os
# Load environment variables
AZTP_API_KEY = os.getenv('AZTP_API_KEY')
# Initialize AZTP client
client = Aztp(api_key=AZTP_API_KEY)
# Create your agent and service instances
research_agent = ResearchAgent()
blog_agent = BlogAgent()
storage = StorageService()
# 1. Secure Blog Agent (root/parent)
secured_blog = await client.secure_connect(blog_agent, "blog-writer-1", {"isGlobalIdentity": True})
# 2. Secure Research Agent as child of Blog
secured_research = await client.secure_connect(
research_agent,
"research-assistant-1",
{
"isGlobalIdentity": False,
"trustDomain": "gptarticles.xyz",
"parentIdentity": secured_blog.identity.aztp_id,
"linkTo": [secured_blog.identity.aztp_id]
}
)
# 3. Update Blog Agent with Research link
updated_blog = await client.secure_connect(
blog_agent,
"blog-writer-1",
{
"isGlobalIdentity": True,
"linkTo": [secured_research.identity.aztp_id]
}
)
# 4. Secure Storage Service as child of Blog
secured_storage = await client.secure_connect(
storage,
"storage-service-1",
{
"isGlobalIdentity": False,
"trustDomain": "gptarticles.xyz",
"parentIdentity": updated_blog.identity.aztp_id,
"linkTo": [updated_blog.identity.aztp_id]
}
)
# 5. Final update to Blog Agent to link with Storage
final_blog = await client.secure_connect(
blog_agent,
"blog-writer-1",
{
"isGlobalIdentity": True,
"linkTo": [secured_research.identity.aztp_id, secured_storage.identity.aztp_id]
}
)
# Verify connections
research_to_blog = await client.verify_identity_connection(secured_research.identity.aztp_id, final_blog.identity.aztp_id)
blog_to_research = await client.verify_identity_connection(final_blog.identity.aztp_id, secured_research.identity.aztp_id)
storage_to_blog = await client.verify_identity_connection(secured_storage.identity.aztp_id, final_blog.identity.aztp_id)
blog_to_storage = await client.verify_identity_connection(final_blog.identity.aztp_id, secured_storage.identity.aztp_id)
print("Research <-> Blog valid:", research_to_blog and blog_to_research)
print("Storage <-> Blog valid:", storage_to_blog and blog_to_storage)TypeScript Example
import aztp, { whiteListTrustDomains } from "aztp-client";
import { ResearchAgent } from "./agents/research-agent";
import { BlogAgent } from "./agents/blog-agent";
import { StorageService } from "./services/storage";
const AZTP_API_KEY = process.env.AZTP_API_KEY;
const aztpClient = aztp.initialize({ apiKey: AZTP_API_KEY });
// Create your agent and service instances
const researchAgent = new ResearchAgent();
const blogAgent = new BlogAgent();
const storage = new StorageService();
// 1. Secure Blog Agent (root/parent)
const securedBlogAgent = await aztpClient.secureConnect(
blogAgent,
"BlogAgent-1",
{ isGlobalIdentity: true }
);
// 2. Secure Research Agent as child of Blog
const securedResearchAgent = await aztpClient.secureConnect(
researchAgent,
"ResearchAgent-1",
{
isGlobalIdentity: false,
trustDomain: whiteListTrustDomains["gptarticles.xyz"],
parentIdentity: securedBlogAgent.identity.aztpId,
linkTo: [securedBlogAgent.identity.aztpId]
}
);
// 3. Update Blog Agent with Research link
const updatedBlogAgent = await aztpClient.secureConnect(
blogAgent,
"BlogAgent-1",
{
isGlobalIdentity: true,
linkTo: [securedResearchAgent.identity.aztpId]
}
);
// 4. Secure Storage Service as child of Blog
const securedStorage = await aztpClient.secureConnect(
storage,
"StorageService-1",
{
isGlobalIdentity: false,
trustDomain: whiteListTrustDomains["gptarticles.xyz"],
parentIdentity: updatedBlogAgent.identity.aztpId,
linkTo: [updatedBlogAgent.identity.aztpId]
}
);
// 5. Final update to Blog Agent to link with Storage
const finalBlogAgent = await aztpClient.secureConnect(
blogAgent,
"BlogAgent-1",
{
isGlobalIdentity: true,
linkTo: [securedResearchAgent.identity.aztpId, securedStorage.identity.aztpId]
}
);
// Verify connections
const researchToBlog = await aztpClient.verifyIdentityConnection(securedResearchAgent.identity.aztpId, finalBlogAgent.identity.aztpId);
const blogToResearch = await aztpClient.verifyIdentityConnection(finalBlogAgent.identity.aztpId, securedResearchAgent.identity.aztpId);
const storageToBlog = await aztpClient.verifyIdentityConnection(securedStorage.identity.aztpId, finalBlogAgent.identity.aztpId);
const blogToStorage = await aztpClient.verifyIdentityConnection(finalBlogAgent.identity.aztpId, securedStorage.identity.aztpId);
console.log("Research <-> Blog valid:", researchToBlog && blogToResearch);
console.log("Storage <-> Blog valid:", storageToBlog && blogToStorage);For a full working example, see the example repo (opens in a new tab)