Core Concepts

Identity

  • Global Identity: Unique, premium, uses the official trust domain (aztp.network), can be a parent to non-global identities.
  • Non-Global Identity: Uses custom trust domains, must reference a parent global identity, ideal for internal/subsidiary services.
  • Linked Identity: Use the linkTo parameter to link identities.
  • Parent/Child Identity: Use the parentIdentity parameter to establish hierarchy.
  • Identity Format: The public form is aztp://<trust-domain>/<agent-name>; a composite format is used internally for uniqueness.

Policy

  • Policies control which trust domains can access an identity.
  • isGloballyAvailable flag: If true, the identity is open to all domains. If false, access is restricted by policy.
  • Time-limited access: Policies can grant access for a set time window.

Trusted Domains

  • Only whitelisted domains can be used for trust relationships.
  • Use the trustDomain parameter and check the whitelist.

Abstracted Flows

  • Identity Issuance: Use secure_connect/secureConnect with appropriate parameters.
  • Policy Enforcement: Use get_policy/getPolicy and evaluate the result in real time.
  • Trusted Domain Validation: Always validate against the whitelist.
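
The checks described above (identity format, whitelist validation, the global-parent rule, and policy evaluation with a time window), combined into one fail-closed decision. This is an added example, not AZTP client code: the Policy record, the function names, the corp.example domain and the choice to apply the whitelist even to globally available identities are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

GLOBAL_DOMAIN = "aztp.network"  # official trust domain named on this page

@dataclass
class Policy:  # hypothetical record shape, not the AZTP policy schema
    is_globally_available: bool = False
    grants: dict = field(default_factory=dict)  # domain -> (start, end), UTC

def parse_identity(uri):
    """Split aztp://<trust-domain>/<agent-name> into (domain, agent)."""
    parts = urlsplit(uri)
    agent = parts.path[1:]
    # Reject userinfo, ports, nested paths, queries and fragments outright.
    if (parts.scheme != "aztp" or not parts.hostname or not agent or "/" in agent
            or parts.netloc.lower() != parts.hostname or parts.query or parts.fragment):
        raise ValueError(f"not a valid AZTP identity: {uri!r}")
    return parts.hostname, agent

def validate_identity(uri, whitelist, parent=None):
    """Whitelist check plus the parent rule for non-global identities."""
    domain, agent = parse_identity(uri)
    if domain not in whitelist:
        raise PermissionError(f"trust domain {domain!r} is not whitelisted")
    if domain != GLOBAL_DOMAIN and (
            parent is None or parse_identity(parent)[0] != GLOBAL_DOMAIN):
        raise PermissionError("non-global identity needs a global parent")
    return domain, agent

def is_access_allowed(policy, requester_uri, whitelist, now=None):
    """Fail-closed access decision for one identity's policy."""
    now = now or datetime.now(timezone.utc)
    try:
        domain, _ = parse_identity(requester_uri)
    except ValueError:
        return False
    if domain not in whitelist:  # assumption: whitelist applies even when open
        return False
    if policy.is_globally_available:
        return True
    window = policy.grants.get(domain)
    return window is not None and window[0] <= now < window[1]

# Constructed sample data (example.* domains are placeholders).
T0 = datetime(2025, 1, 1, tzinfo=timezone.utc)
WHITELIST = {GLOBAL_DOMAIN, "corp.example"}
POLICY = Policy(grants={"corp.example": (T0, T0 + timedelta(hours=1))})
```

Anything that fails to parse, is off the whitelist, or falls outside its granted window is denied rather than passed through.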

TODO:

  • Add diagrams for identity relationships and policy flows
  • Add more real-world scenarios