OpenAgent ID gives autonomous agents a real identity and a safe way to act. It combines OAS identity, Arsenal credential brokering, AEGIS verification, L1feID provisioning, wallet derivation, skills policy, and conformance fixtures behind one SDK facade. The application developer sees a small API: 
import { OpenAgent } from '@openagent/sdk';

const agent = await OpenAgent.createAgent({
  parent: 'did:oas:l1fe:hmr:alice',
  name: 'research-bot',
  scopes: ['openai:chat:invoke'],
});

const ctx = await OpenAgent.authenticate(request);
const openai = await agent.credentialsFor('openai');
Underneath, OpenAgent ID proves who the agent is, checks whether its lineage is valid, decides what it may do, brokers credentials without exposing raw provider keys, and leaves an audit trail.
OpenAgent wordmark

What ships today

SDK Facade

Rust and TypeScript 0.1.0 SDKs for creating agents, authenticating requests, brokering credentials, and checking skills policy.

Feature Stack

OAS, Arsenal, AEGIS, L1feID, Auth Protocol, wallet derivation, skills governance, conformance, and deployment adapters.

Quickstart

Create an agent, authenticate a request, and fetch brokered credentials.

Authentication

Use the SDK authenticate facade or the SDK-free HTTP challenge-response protocol.

The stack

1

OAS proves identity

did:oas:* identifies humans, agents, tools, skills, workflows, models, datasets, services, and agent instances. Portable signatures prove key possession. Privileged authority requires Sigil-backed lineage verification.
2

AEGIS verifies and authorizes

AEGIS evaluates signature validity, lineage, revocation, liveness, trust tier, policy, approvals, rate limits, and spending constraints.
3

Arsenal brokers capability and credentials

Arsenal issues ACTs scoped as service:resource:action and proxies upstream API calls so agent processes never receive raw provider keys.
4

L1feID stabilizes records

L1feID maps one or more DIDs to a stable l1fe_id platform record for accounts, audit, and linking.
5

Skills policy governs runtime behavior

Skills governance reads SKILLS.md surfaces and applies allow, deny, rate limit, consent, argument validation, and audit policy per skill.

Current launch posture

SurfaceStatus
TypeScript SDKPublic facade at @openagent/sdk 0.1.0
Rust SDKPublic facade crate openagent-sdk 0.1.0
HTTP challenge-responseNormative day-one protocol binding
Weave and WebSocket bindingsDesigned for later phases, not the default launch path
Python, Go, Swift, Kotlin, vanilla JS OAS-only pagesOlder or future material, not the current public facade

Why this matters

Traditional auth assumes a human, browser, and consent screen. Autonomous agents need a different control plane: cryptographic identity, scoped delegated authority, credential custody outside the agent process, and policy checks that run when the agent acts. OpenAgent ID gives you that control plane without forcing every application to hand-wire OAS, Arsenal, AEGIS, and L1feID separately.