Core Concepts
AZTP provides enterprise-grade security for AI agents through four fundamental capabilities:
1. Identity Management
- Each agent gets a unique cryptographic identity
- Identity is automatically verified during operations
- Use getIdentity() to access the agent's identity
- Use verifyIdentity() to check identity validity
Learn more about Identity Management →
2. Policy Enforcement
- Define what actions agents can perform
- Use can(action, context) to check permissions
- Policies are written in OPA's Rego language
- Policy enforcement is optional and configurable
Learn more about Policy Enforcement →
3. Secure Communication
- Communicate securely between agents
- Use secureCall(targetId, action, payload) for agent-to-agent calls
- All communications are authenticated and monitored
- Trust domains ensure secure boundaries
Learn more about Secure Communication →
4. Security Monitoring
- All security operations are automatically monitored
- Security events are logged by default
- Custom monitoring handlers can be added
- Provides audit trail of all security operations
Learn more about Security Monitoring →
Key Principle
AZTP is designed to secure any AI agent with minimal code changes:
- Works with any existing agent implementation
- Original agent methods remain unchanged
- Security features are added through a simple API
- No security expertise required
Security Capabilities
Every secured agent gets these capabilities:
interface SecurityCapabilities {
  /** Get the agent's identity */
  getIdentity(): Promise<Identity>;

  /** Verify the current identity */
  verifyIdentity(): Promise<boolean>;

  /** Check if an action is allowed */
  can(action: string, context?: Record<string, unknown>): Promise<boolean>;

  /** Call another agent securely */
  secureCall(targetId: string, action: string, payload?: Record<string, unknown>): Promise<unknown>;
}
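Since policy enforcement is optional and configurable, a caller that wants an explicit deny-by-default gate can chain the four capabilities itself. The wrapper below is an added example, not AZTP's own code: the Identity shape, GuardResult, guardedCall and makeStubAgent are hypothetical names, and the stub agent is constructed in memory so the snippet runs offline.

```typescript
// Assumed minimal shape; the page does not define Identity.
interface Identity { id: string }

// Interface as listed on this page.
interface SecurityCapabilities {
  getIdentity(): Promise<Identity>;
  verifyIdentity(): Promise<boolean>;
  can(action: string, context?: Record<string, unknown>): Promise<boolean>;
  secureCall(targetId: string, action: string, payload?: Record<string, unknown>): Promise<unknown>;
}

type GuardResult =
  | { ok: true; value: unknown }
  | { ok: false; reason: "identity" | "policy" | "error" };

// Fail closed: a false answer or a thrown error at any step means no result is returned.
async function guardedCall(
  agent: SecurityCapabilities, targetId: string, action: string,
  payload: Record<string, unknown> = {},
): Promise<GuardResult> {
  try {
    if (!(await agent.verifyIdentity())) return { ok: false, reason: "identity" };
    // targetId is spread last so a payload key cannot override it in the policy context.
    if (!(await agent.can(action, { ...payload, targetId }))) return { ok: false, reason: "policy" };
    return { ok: true, value: await agent.secureCall(targetId, action, payload) };
  } catch {
    return { ok: false, reason: "error" };
  }
}

// Constructed in-memory stand-in for a secured agent (demonstration only).
// `calls` records every secureCall that actually went out.
function makeStubAgent(valid: boolean, allowed: string[], calls: string[]): SecurityCapabilities {
  return {
    getIdentity: async () => ({ id: "agent-a.example" }),
    verifyIdentity: async () => valid,
    can: async (action) => allowed.includes(action),
    secureCall: async (targetId, action) => { calls.push(`${targetId}:${action}`); return "done"; },
  };
}
```

The `reason` field separates an identity failure from a policy denial, which keeps the two distinguishable in whatever audit trail the caller writes.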