AI agents are the hidden multiplier of machine-to-machine trust.
Every autonomous agent needs a verifiable identity. Not an API key – a certificate. A2A identity is mTLS for the agentic era.
Every agent is an identity you didn't plan for
Your infrastructure was built for services with known lifetimes and predictable scaling. Agents change that equation.
Every new AI agent is a new identity to manage.
A single orchestration pipeline can spawn dozens of agents. Each one makes network calls, accesses APIs, and interacts with other agents.
Agents multiply faster than humans can track.
Agents spin up on demand, chain together autonomously, and call services you may not have anticipated. The identity surface area grows exponentially.
Without certificate-based identity, you're trusting agents implicitly.
Shared API keys can't distinguish one agent from another. There's no mutual verification, no revocation, no audit trail of which agent did what.
This is the same trust model failure – accelerated by AI.
The industry spent a decade learning that shared secrets don't scale for services. Agents are the same lesson, compressed into months.
Why API keys fail at scale
- Shared secrets
One key shared across multiple agents. Compromised once, compromised everywhere.
- No mutual authentication
The server checks the key. The client trusts blindly. No verification in either direction.
- No instant revocation
Rotating a key means finding every agent that uses it. In agentic systems, that's a moving target.
- No audit of who used what
When ten agents share a key, your logs show the key – not the agent. Attribution is impossible.
- Unique per agent
Every agent gets its own certificate. Identity is cryptographic, not a string in a config file.
- Mutual verification
Both sides prove identity before exchanging data. The agent verifies the service. The service verifies the agent.
- Instant revocation
Revoke one agent without affecting any other. CRL and OCSP propagate immediately.
- Full audit trail
Every issuance, every authentication, every revocation tied to a specific agent identity.
What A2A Identity does
Certificate-based identity for autonomous agents. The same trust model that secures your services – extended to every agent in your infrastructure.
Unique identity per agent
Issue a certificate to every AI agent. Each identity is cryptographically unique – scoped to what the agent can access and how long it lives.
Mutual agent authentication
Agents prove identity to each other before exchanging data. Both sides of every interaction are verified – not just the caller.
Instant agent revocation
Revoke a compromised or misbehaving agent immediately. Every relying party knows within seconds – not at next key rotation.
Policy-driven trust boundaries
Define which agents can talk to which services, what actions they're permitted, and enforce those boundaries cryptographically.
Complete audit trail
Every agent credential issuance, authentication event, and revocation recorded. Who deployed the agent, when, and what it was authorised to do.
Framework-ready
Works with popular agentic frameworks including LangChain, CrewAI, AutoGen, and custom implementations. Standard X.509 – no proprietary SDKs.
How it works
Certificate-based identity for agents follows the same model as service identity – request, verify, issue, authenticate.
Agent submits CSR with identity scope
Trust CA validates and signs certificate
Agent presents cert to peer agent or service
Mutual identity confirmed – data flows
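The authenticate step above, sketched with Python's standard `ssl` module as an added example (not code from the A2A Identity product): both sides require a peer certificate, and the service maps the verified certificate to one agent before applying policy. The `urn:example:agent:` URI SAN naming, the `POLICY` table and the function names are assumptions made for illustration.

```python
import ssl

# Hypothetical policy: agent identity (URI SAN) -> services it may call.
POLICY = {
    "urn:example:agent:planner-01": {"search-api", "billing-api"},
    "urn:example:agent:summarizer-07": {"search-api"},
}

def harden(ctx: ssl.SSLContext) -> ssl.SSLContext:
    """Require a valid peer certificate and TLS 1.2 or newer."""
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

def service_context(ca_file, cert_file, key_file):
    """Service side: present our certificate and demand one from the agent."""
    ctx = harden(ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER))
    ctx.load_cert_chain(cert_file, key_file)
    ctx.load_verify_locations(cafile=ca_file)  # trust only the issuing CA
    return ctx

def agent_context(ca_file, cert_file, key_file):
    """Agent side: verify the service (hostname check stays on), present our cert."""
    ctx = harden(ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT))
    ctx.load_cert_chain(cert_file, key_file)
    ctx.load_verify_locations(cafile=ca_file)
    return ctx

def agent_identity(peercert: dict):
    """Return the single URI SAN from an SSLSocket.getpeercert() dict, else None."""
    uris = [v for kind, v in peercert.get("subjectAltName", ()) if kind == "URI"]
    return uris[0] if len(uris) == 1 else None  # missing or ambiguous: reject

def authorize(peercert: dict, service: str):
    """Map a verified peer certificate to (agent_id, allowed) for the audit log."""
    agent = agent_identity(peercert)
    return agent, agent is not None and service in POLICY.get(agent, set())

# Constructed sample in the shape getpeercert() returns after a handshake.
SAMPLE_CERT = {
    "subject": ((("commonName", "summarizer-07"),),),
    "subjectAltName": (("URI", "urn:example:agent:summarizer-07"),),
}
```

Python's `ssl` module does not check revocation unless a CRL is loaded with `load_verify_locations` and `ssl.VERIFY_CRL_CHECK_LEAF` is set in `verify_flags`, so revocation has to be wired in separately from the handshake settings shown here.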
Where A2A Identity applies
Agents proving identity to each other within orchestration pipelines. When Agent A delegates to Agent B, both sides verify before any data or instructions are shared.
Prevents agent impersonation and prompt injection through identity spoofing.
Agents accessing internal APIs, databases, and infrastructure. Each agent authenticates with its own certificate – not a shared service account or API key.
Same mTLS handshake your services already use. No new protocol.
Industries requiring audit trails and identity for every autonomous system. Financial services, healthcare, and government mandates demand knowing exactly which agent took which action.
Full issuance and revocation audit log for compliance reporting.
Built on [cyphrs]™ Hub
A2A Identity isn't a separate product – it's a new identity class on the same infrastructure that manages your services and certificates.
A2A Identity uses the same mutual TLS handshake that secures service-to-service communication. Agents are a new identity class – not a new protocol.
Agent certificates are issued by your own Trust CA. Same hierarchy, same policy engine, same revocation infrastructure. Agents get identities from a root you own.
Scout discovers agent endpoints across your infrastructure – identifying which agents exist, what certificates they hold, and which need identity provisioning.
Give every agent an identity
Early access is free. We're working with a small number of teams to shape the platform – including how agent identity fits into their infrastructure.