Agent Governance Foundation

Product

The AGF Authorization Service

A fully managed service for AI agent governance. Delegation chains, trust scoring, risk evaluation, revocation, and audit — all included. Your agents call our API. We handle the rest.

20

Open specifications

< 500 ms

Revocation propagation

Capabilities

Agent Identity

Know exactly who — or what — is acting

Every agent gets a cryptographically verifiable identity based on the DID standard. Agent IDs are issued against human principals and carry ownership, scope, and credential metadata. Identity is the foundation every other governance layer is built on.

Trust Scoring

Quantify how much to trust each request

Trust Score combines three components: lineage score (delegation chain depth and quality), credential score (verification and attestation history), and anomaly score (behavioral deviation from baseline). Updated per session — not static.

Authorization

Enforce what every agent is allowed to do

Scope-bounded delegation tokens. Every agent operation is checked against an active policy at the Policy Decision Point. Allow/deny decisions are made in under 20 ms with full delegation provenance in the audit record.

Branch-Cut Revocation

Cut off access instantly — everywhere

Revoke one agent and the cut propagates to every downstream agent in the delegation tree in under 500 ms. Branch-cut semantics mean you never have a partial revocation state. Works across single agents and deep multi-agent chains.

Audit Artifacts

Signed, tamper-proof records of every decision

Every authorization decision produces a signed artifact: who asked, what was decided, why, what context was present, and the full delegation chain. Artifacts are replayable and suitable for regulatory compliance evidence.

Compliance Reporting

Meet NIST, ISO, and EU AI Act requirements

Pre-built compliance reports for NIST AI RMF, ISO 42001, and the EU AI Act. Policy drift detection alerts you when your governance posture changes. Enterprise tier includes dedicated audit assistance and incident runbooks.

How it works

One API call.
Full governance.

Your agent sends a single authorization request. The AGF Authorization Service verifies identity, computes trust score, evaluates policy, and signs an audit record — all before returning the decision.

You integrate once. We handle availability, policy updates, and compliance. No infrastructure to provision or maintain.

Ready to deploy?

Choose a plan and get your governance layer running today.