Getting Started

Welcome to AZTP - Enterprise-grade security for AI agents.

What is AZTP?

AZTP is a security SDK that adds enterprise-grade security capabilities to any AI agent through a simple API. It provides:

• Identity Management: Cryptographic identities using SPIFFE
• Policy Enforcement: Fine-grained access control using OPA
• Secure Communication: Authenticated agent-to-agent communication
• Security Monitoring: Built-in security event tracking and audit trails

Quick Navigation

1. Installation: Install AZTP SDK
2. Quick Start: Secure your first AI agent
3. Core Concepts: Learn fundamental principles

Moving Forward

AZTP provides several key security features that you can explore in depth:

• Identity Management: Learn how SPIFFE identities work and how to manage certificates
• Policy Enforcement: Understand how to define and enforce access control policies using OPA
• Secure RPC: Set up authenticated communication between your agents
• Security Monitoring: Learn about built-in security events and monitoring capabilities

What's Next?

Choose your path based on your needs:

• If you need to understand agent identities → Identity Management Guide
• If you want to control what agents can do → Policy Enforcement Guide
• If you need agents to communicate securely → Secure RPC Guide
• If you want to monitor security events → Security Monitoring Guide

Basic Example

Here's a simple example of securing an AI agent:

import { secureConnect } from '@aztp/sdk';
 
// Your AI agent
const agent = {
  async process(input: string) {
    return `Processed: ${input}`;
  }
};
 
// Secure the agent with basic identity management
const securedAgent = await secureConnect(agent, {
  spiffe: {
    trustDomain: 'example.org',
    keyDir: './spiffe-keys'
  }
});
 
// Use security capabilities
try {
  // Get agent's identity (always available)
  const identity = await securedAgent.getIdentity();
  console.log('Agent ID:', identity.id);
  
  // Verify identity (always available)
  const isVerified = await securedAgent.verifyIdentity();
  
  // Original agent functionality still works
  const result = await securedAgent.process('test input');
} catch (error) {
  console.error('Security operation failed:', error);
}

Next Steps

After installation, check out our guides to learn more about:

• Identity Management
• Policy Enforcement
• Secure RPC
• Security Monitoring