x-agent-trust is officially registered in the OpenAPI Extensions Registry · Merged 11 April 2026
The first vendor extension in the OpenAPI registry designed for AI agents. Drop it into any OpenAPI spec. Agents authenticate with signed trust tokens. APIs verify locally. No gateway. No SaaS dependency.
By Raza Sharif, CyberSecAI Ltd | MERGED into the OpenAPI Extensions Registry | PR #67 | Discussion #5267
```yaml
# Add to any OpenAPI 3.0 / 3.1 spec
x-agent-auth:
  algorithm: ES256
  trustLevels: [L0, L1, L2, L3, L4]
  issuerKeysUrl: /.well-known/agent-trust-keys
paths:
  /v1/charges:
    post:
      x-agent-trust-required: L2
```

```js
const { verifyAgentTrust } = require('mcp-secure');
app.use(verifyAgentTrust({ minTrust: 'L2' }));
```
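```js
const { AgentIdentity } = require('mcp-secure');

// await is only valid inside an async function in a CommonJS module
(async () => {
  const agent = new AgentIdentity({ trustToken: 'eyJ...' });
  await agent.fetch('https://api.stripe.com/v1/charges');
})();
```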
Each endpoint requires a minimum trust level. The middleware verifies locally.
| Endpoint | Method | Description | Required Trust |
|---|---|---|---|
| /api/data | GET | Read data | L1 |
| /api/charges | POST | Create payment | L2 |
| /api/execute | POST | Execute workflow | L3 |
| /api/admin | DELETE | Admin operation | L4 |
This is the actual wire format: a signed HTTP request with an RFC 8941 structured-field header, verified end-to-end against the JWKS.
The API sets the minimum. The token carries the level. The middleware compares.
| Level | Meaning | Typical Access |
|---|---|---|
| L0 | Unknown agent | Rejected |
| L1 | Identity verified | Read-only |
| L2 | Trust established | Read + limited write |
| L3 | Highly trusted | Read + write + execute |
| L4 | Fully trusted | Read + write + execute + admin |
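
The compare step described above (the API sets the minimum, the token carries the level, the check runs locally), written out as an added example with Node's built-in `crypto`; it is not code from `mcp-secure` or from the extension itself, and it does not reproduce the page's signed-request wire format. Assumptions: a compact three-part ES256 token, a hypothetical `trust_level` claim name, a locally generated key pair standing in for a key served from `issuerKeysUrl`, and a fail-closed result when an operation declares no `x-agent-trust-required`.

```javascript
const crypto = require('crypto');

// Constructed spec fragment using the extension keys shown on this page.
const spec = {
  'x-agent-auth': { algorithm: 'ES256', trustLevels: ['L0', 'L1', 'L2', 'L3', 'L4'] },
  paths: { '/v1/charges': { post: { 'x-agent-trust-required': 'L2' } } },
};

const b64u = (v) => Buffer.from(v).toString('base64url');

// Sample-input helper: issue a compact ES256 token.
// The "trust_level" claim name is an assumption, not taken from the extension.
function issueToken(privateKey, claims, alg = 'ES256') {
  const input = `${b64u(JSON.stringify({ alg }))}.${b64u(JSON.stringify(claims))}`;
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${sig.toString('base64url')}`;
}

// Verify the signature locally, then compare the token's level with the operation's minimum.
function authorize(token, publicKey, path, method) {
  const levels = spec['x-agent-auth'].trustLevels;
  const op = (spec.paths[path] || {})[method];
  const need = levels.indexOf(op && op['x-agent-trust-required']);
  if (need < 0) return { ok: false, reason: 'no-policy' }; // this example fails closed
  const [h, p, s, extra] = String(token).split('.');
  if (!h || !p || !s || extra !== undefined) return { ok: false, reason: 'malformed' };
  try {
    // Pin the algorithm to the spec's value; never let the token choose it.
    if (JSON.parse(Buffer.from(h, 'base64url').toString()).alg !== spec['x-agent-auth'].algorithm) {
      return { ok: false, reason: 'bad-alg' };
    }
    const valid = crypto.verify('sha256', Buffer.from(`${h}.${p}`),
      { key: publicKey, dsaEncoding: 'ieee-p1363' }, Buffer.from(s, 'base64url'));
    if (!valid) return { ok: false, reason: 'bad-signature' };
    const have = levels.indexOf(JSON.parse(Buffer.from(p, 'base64url').toString()).trust_level);
    if (have < 0) return { ok: false, reason: 'unknown-level' };
    return have >= need ? { ok: true, level: levels[have] } : { ok: false, reason: 'insufficient-trust' };
  } catch {
    return { ok: false, reason: 'malformed' };
  }
}

// Constructed key pair standing in for a key published at issuerKeysUrl.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
console.log(authorize(issueToken(privateKey, { trust_level: 'L3' }), publicKey, '/v1/charges', 'post'));
console.log(authorize(issueToken(privateKey, { trust_level: 'L1' }), publicKey, '/v1/charges', 'post'));
```

The signature is checked before any claim is read, so a token whose payload has been swapped for a higher level fails as `bad-signature` rather than reaching the level comparison.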