OpenAgent SDKs expose the same identity, handshake, and capability model across server runtimes, browser clients, mobile apps, and edge workers. The TypeScript and Rust SDKs are the reference implementations; the other SDKs follow the same wire behavior and cryptographic fixtures.
OpenAgent mascot head

Language matrix

LanguageStabilityInstall
RustBetacargo add openagent-sdk
TypeScriptBetanpm install @openagent/sdk
PythonAlphapip install openagent-sdk
GoAlphago get github.com/openagentid/openagent-go
SwiftPlannedSPM — coming soon
KotlinPlannedid.openagent:openagent-sdk
JavaScriptAlphanpm install @openagent/vanilla
See the full parity matrix on the SDK Hub for per-feature coverage.

Install

TypeScript
npm install @openagent/sdk

What every SDK ships

OAS identity

Create, resolve, serialize, and verify did:oas:* identities with lineage proofs.

OAAP sessions

Run the four-step mutual authentication handshake over supported transports.

Arsenal broker

Exchange short-lived ACTs for brokered credentials without exposing raw provider keys.

AEGIS verification

Evaluate lineage, delegation, temporal, spending, and threshold-signature policy checks.

Runtime contract

Every SDK is expected to preserve these behaviors:
  • Identity material stays local unless the caller explicitly exports it.
  • Lineage proofs are deterministic and offline-verifiable.
  • Capability tokens are scoped, short-lived, and rotated automatically.
  • SDK calls do not emit telemetry.
  • Errors preserve protocol codes, retry hints, and audit identifiers.

Choose a path

TypeScript

Node, Next.js, edge runtimes, workers, and browser clients.

Server guide

Add OpenAgent verification to an API, broker, or tool service.

Client guide

Initiate handshakes, advertise capabilities, and maintain sessions from clients.