AgentDNAI gives every AI agent a verifiable digital identity, scoped permissions, encrypted credentials, revocable access and a clear audit trail.
> Identity ยท Authorization ยท Audit โ unified for AI agents
$ agentdnai check hermes-auditor github.repo.read \ --resource github.com/org/repo AgentDNAI Authorization Check Agent: hermes-auditor Action: github.repo.read Resource: github.com/org/repo Decision: ALLOW โ Reason: Explicit permission found. Expires: 2026-06-30 23:59:59 UTC
A complete identity and authorization layer for the age of AI agents.
Unique URI, RSA-PSS key pair, and lifecycle status for every agent. Know exactly who is acting.
47 granular permissions across 9 categories. ALLOW, DENY, or require human approval per action.
Short-lived, SHA-256 hash-stored tokens. TTL from 60 seconds to 24 hours. Raw tokens never stored.
Hash-chained, append-only log of every decision. Tamper-evident with chain integrity verification.
The v0.2 release brings authentication, organizations, health checks, risk scoring, and much more.
JWT + bcryptjs authentication with sessions, login, register, and logout.
Multi-tenant orgs with roles: OWNER, ADMIN, SECURITY_MANAGER, DEVELOPER, VIEWER.
Every agent gets an Ed25519 key pair for verifiable identity and challenge-response.
Tokens hashed with pepper. Raw tokens never stored. Timing-safe comparison.
Real-time health monitoring for every agent with status and uptime tracking.
Comprehensive 7-factor risk assessment on a 0โ100 scale per agent.
Request, approve, reject workflow for actions requiring human review.
Comprehensive dashboard with agents, audit, policies, playground, compare, heatmap, and more.
WebSocket + SSE live security event feed with pause/resume and live indicators.
Clone, install, push the schema, and start the dev server. That's it.
Get the code on your machine.
git clone https://github.com/smouj/agentdnai.git
cd agentdnai
Using Bun (recommended) or npm.
bun install
Copy the example env file (defaults work for development).
cp .env.example .env
Push the Prisma schema to create the SQLite database.
bun run db:push
Open http://localhost:3000 in your browser.
bun run dev
Full REST API for agent management, authorization, and audit.
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/agents | Create a new agent |
| GET | /api/agents | List agents (search/filter) |
| GET | /api/agents/{id} | Get agent details |
| POST | /api/agents/{id}/revoke | Revoke agent identity |
| POST | /api/agents/{id}/permissions | Grant permission |
| POST | /api/tokens/issue | Issue temporary token |
| POST | /api/authz/check | Check authorization |
| POST | /api/authz/batch-check | Batch authorization check |
| GET | /api/audit | List audit events |
| GET | /api/audit/verify | Verify hash chain |
| GET | /api/export | Export all data as JSON |
| GET | /api/events/stream | Real-time SSE event feed |
| POST | /api/auth/register | Register new account |
| POST | /api/auth/login | Login with email/password |
| POST | /api/auth/logout | Invalidate session |
| GET | /api/agents/{id}/risk | Agent risk score (7-factor) |
| GET | /api/agents/{id}/health | Agent health check |
| POST | /api/agents/{id}/approve | Approve pending action |
| GET | /api/stats | Platform statistics |
| GET | /api/activity | Activity heatmap data |
| GET | /api/export | Export all data as JSON |
| POST | /api/import | Import data from JSON |
See README.md for the complete API reference.
Know every agent. Control every action. Audit every decision.
โก Get Started on GitHub