Skip to main content
All endpoints require authentication. Agents are namespaced per company — the same agentId string can exist in multiple companies.

POST /v1/agents/register

Registers an agent under the authenticated company and issues its initial JWT-SVID. Uses INSERT OR REPLACE — calling this again with the same agentId updates the registration without creating a duplicate.

Request body

Response 201

Error responses

Example


GET /v1/agents/:agentId

Returns the registration record for a specific agent. Returns 404 if the agent is not registered under the authenticated company.

Path parameters

Response 200

Example


GET /v1/agents/:agentId/svid

Issues a fresh JWT-SVID for the specified agent. Returns 404 if the agent is not registered under the authenticated company. SVIDs are short-lived (TTL: 3600 s) and are primarily used as inputs to the RFC 8693 token exchange (POST /v1/token/exchange). For agent authentication at MCP servers, use passports instead — they carry richer claims and can be verified offline.

Path parameters

Response 200

Example