Getting Started
Introduction
What is OpenApe and why does it exist?
OpenApe is the security layer for the Agentic Web. It consists of two independent systems:
OpenApe Auth — Identity for Humans and Agents
DNS-based login using the DDISA protocol. Your domain becomes your identity provider — no OAuth servers to maintain, no SDKs to integrate. Just a DNS TXT record.
- Humans authenticate with Passkeys (WebAuthn/FIDO2) — phishing-resistant by design, because the credential is bound to the origin it was registered for
- Agents authenticate with Ed25519 challenge-response — the same public-key, proof-of-possession model, adapted for machine-to-machine (M2M) use
- Passwords are explicitly prohibited in the DDISA spec
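The agent login described above, as an added example that is not OpenApe's own code and not the DDISA wire format (which this page does not specify): the service provider issues a nonce bound to the agent identity and to its own audience, the agent signs it with its Ed25519 key, and the service provider verifies the signature against the registered public key and consumes the nonce so the response cannot be replayed. The in-memory key registry (standing in for the agents the IdP controls), the `ddisa-challenge` label in the signed message and the 60-second window are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"sync"
)

// KeyRegistry maps an agent identity to its Ed25519 public key. It stands in
// for the registry of agents the IdP controls; where a service provider
// fetches an agent's key is not specified on the page, so this is assumed.
type KeyRegistry map[string]ed25519.PublicKey

// Challenge is what the service provider hands the agent to sign.
type Challenge struct {
	Nonce   string
	Agent   string // identity claiming to log in, e.g. "bot@example.com"
	Aud     string // the service provider the challenge is bound to
	Expires int64  // Unix seconds
}

// Verifier is the service-provider side: it issues challenges and checks
// responses. pending holds unconsumed nonces so each can be used once.
type Verifier struct {
	keys    KeyRegistry
	mu      sync.Mutex
	pending map[string]Challenge
}

func NewVerifier(keys KeyRegistry) *Verifier {
	return &Verifier{keys: keys, pending: map[string]Challenge{}}
}

// GenerateAgentKey creates the key pair an agent registers with its IdP.
func GenerateAgentKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue creates a fresh 256-bit nonce bound to this agent and audience.
func (v *Verifier) Issue(agent, aud string, now int64) Challenge {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		panic(err)
	}
	c := Challenge{
		Nonce:   base64.RawURLEncoding.EncodeToString(buf),
		Agent:   agent,
		Aud:     aud,
		Expires: now + 60, // assumed window: a captured challenge is useless after a minute
	}
	v.mu.Lock()
	v.pending[c.Nonce] = c
	v.mu.Unlock()
	return c
}

// challengeBytes is the exact message signed and verified. Binding agent and
// audience, not just the nonce, stops a signature obtained for one service
// from being forwarded to another. The label is an assumption of this example.
func challengeBytes(c Challenge) []byte {
	return []byte(fmt.Sprintf("ddisa-challenge\x00%s\x00%s\x00%s\x00%d", c.Agent, c.Aud, c.Nonce, c.Expires))
}

// Respond is the agent side: prove possession of the private key.
func Respond(priv ed25519.PrivateKey, c Challenge) []byte {
	return ed25519.Sign(priv, challengeBytes(c))
}

// Verify checks a response. The nonce is consumed on the first attempt,
// successful or not, so a replayed response never gets a second chance.
func (v *Verifier) Verify(c Challenge, sig []byte, now int64) error {
	v.mu.Lock()
	issued, ok := v.pending[c.Nonce]
	delete(v.pending, c.Nonce)
	v.mu.Unlock()
	if !ok {
		return errors.New("unknown or already used nonce")
	}
	if issued != c {
		return errors.New("challenge was altered after it was issued")
	}
	if now > c.Expires {
		return errors.New("challenge expired")
	}
	pub, ok := v.keys[c.Agent]
	if !ok {
		return errors.New("unknown agent")
	}
	if !ed25519.Verify(pub, challengeBytes(c), sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	pub, priv := GenerateAgentKey()
	v := NewVerifier(KeyRegistry{"bot@example.com": pub}) // constructed registry
	c := v.Issue("bot@example.com", "sp.example.com", 1700000000)
	sig := Respond(priv, c)
	fmt.Println("first use:", v.Verify(c, sig, 1700000005))
	fmt.Println("replay:   ", v.Verify(c, sig, 1700000006))
}
```

Note that the server compares the challenge the agent sends back against the one it issued rather than trusting any field in the response; the signed message includes the audience, so a response captured from one service provider fails verification at any other.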
OpenApe Grants — Permissions for Agents
Human-in-the-loop permission system. When an agent needs to perform a privileged action, a human approves it.
- `allow_once` — one-time approval, consumed after use
- `allow_ttl` — time-limited grant (e.g. "for the next 2 hours")
- `allow_always` — standing permission, revocable anytime
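The three grant modes as a small default-deny authorization check, added here as an example and not OpenApe's own code: a human's approval is stored with its mode, and each action the agent attempts is answered from the store, with `allow_once` consumed by its first use, `allow_ttl` checked against the clock and `allow_always` valid until revoked. The `repo:push` style action names, the integer grant IDs and the Unix-seconds clock are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

type GrantMode string

const (
	AllowOnce   GrantMode = "allow_once"   // consumed by its first use
	AllowTTL    GrantMode = "allow_ttl"    // valid until IssuedAt+TTL
	AllowAlways GrantMode = "allow_always" // standing, until revoked
)

// Grant records one human decision: this agent may perform this action.
// The approver is recorded here, in the AuthZ layer, not in the AuthN-JWT.
type Grant struct {
	ID       int
	Agent    string // agent identity, the "sub" of its AuthN-JWT
	Approver string // human who said yes
	Action   string // action name; "repo:push" style naming is assumed
	Mode     GrantMode
	IssuedAt int64 // Unix seconds
	TTL      int64 // seconds; only meaningful for allow_ttl
	used     bool
	revoked  bool
}

// GrantStore is the service-side record of grants. A slice keeps evaluation
// order deterministic (oldest grant first).
type GrantStore struct {
	mu     sync.Mutex
	grants []*Grant
}

// Approve stores a grant after a human approved it and returns its ID.
func (s *GrantStore) Approve(g Grant) int {
	s.mu.Lock()
	defer s.mu.Unlock()
	g.ID = len(s.grants) + 1
	s.grants = append(s.grants, &g)
	return g.ID
}

// Revoke withdraws a grant of any mode; "revocable anytime" applies to all.
func (s *GrantStore) Revoke(id int) {
	s.mu.Lock()
	defer s.mu.Unlock()
	for _, g := range s.grants {
		if g.ID == id {
			g.revoked = true
		}
	}
}

// Authorize answers "may agent do action now?" and applies the mode's rule.
// It returns the ID of the grant that authorised the action so the audit
// log can cite it; with no valid grant the answer is no.
func (s *GrantStore) Authorize(agent, action string, now int64) (int, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	for _, g := range s.grants {
		if g.Agent != agent || g.Action != action || g.revoked {
			continue
		}
		switch g.Mode {
		case AllowOnce:
			if g.used {
				continue
			}
			g.used = true // consumed: the next attempt needs a fresh approval
			return g.ID, nil
		case AllowTTL:
			if now >= g.IssuedAt+g.TTL {
				continue // expired; a human must approve again
			}
			return g.ID, nil
		case AllowAlways:
			return g.ID, nil
		}
	}
	// Default deny: no grant means the agent must request one from a human.
	return 0, errors.New("no valid grant: human approval required")
}

func main() {
	s := &GrantStore{}
	s.Approve(Grant{Agent: "bot@example.com", Approver: "alice@example.com",
		Action: "repo:push", Mode: AllowOnce, IssuedAt: 1700000000})
	id, err := s.Authorize("bot@example.com", "repo:push", 1700000010)
	fmt.Println("first push:", id, err)
	id, err = s.Authorize("bot@example.com", "repo:push", 1700000020)
	fmt.Println("second push:", id, err)
}
```

The once-grant is marked used inside the same lock that found it, so two concurrent attempts cannot both ride on a single approval; the returned grant ID is what the audit record should carry alongside the agent's identity.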
Dual Role: Enabler & Gatekeeper
OpenApe doesn't just secure agents — it makes them possible. The IdP controls which agents exist, and the grant system ensures humans stay in the loop where it matters. The IdP and its management credentials are controlled exclusively by humans — agents authenticate through cryptographic challenge-response, never through admin tokens.
| Without OpenApe | With OpenApe |
|---|---|
| Agents act, humans hope | Agents request, humans approve |
| No standard identity | DNS-based, domain-scoped identity |
| No audit trail | Signed JWTs, dual accountability |
| Passwords everywhere | Passkeys only, phishing-proof |
Minimal Identity Token
The AuthN-JWT contains only what's needed:
```json
{
  "sub": "alice@example.com",
  "act": "human",
  "iss": "https://id.example.com",
  "aud": "sp.example.com",
  "exp": 1234567890,
  "nonce": "..."
}
```
- `sub` — email address (same identifier used in the login request)
- `act` — `human` or `agent`
- No name, no owner, no approver — those belong in the AuthZ layer
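An added example of minting and verifying the AuthN-JWT above with Ed25519 (JWT `alg` value `EdDSA`), not OpenApe's own code: the IdP signs exactly these six claims, and the service provider pins the algorithm, checks the signature before reading any claim, then checks `iss`, `aud`, `exp` and the `nonce` it sent, and rejects any claim beyond the six. The `Expectation` type, the `Mint` helper accepting arbitrary claims (so the verifier's strictness can be exercised) and the rejection of unknown claims are choices of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// AuthNClaims is exactly the claim set of the minimal token: nothing else.
type AuthNClaims struct {
	Sub   string `json:"sub"`
	Act   string `json:"act"`
	Iss   string `json:"iss"`
	Aud   string `json:"aud"`
	Exp   int64  `json:"exp"`
	Nonce string `json:"nonce"`
}

// allowedClaims enforces "only what's needed": a name, owner or approver
// belongs to the AuthZ layer and is rejected here (a choice of this example).
var allowedClaims = map[string]bool{"sub": true, "act": true, "iss": true, "aud": true, "exp": true, "nonce": true}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// GenerateIdPKey creates the IdP's Ed25519 signing key pair.
func GenerateIdPKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Mint is the IdP side: sign any JSON-serialisable claims as a JWT with alg EdDSA.
func Mint(priv ed25519.PrivateKey, claims any) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "EdDSA", "typ": "JWT"})
	body, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	input := b64(hdr) + "." + b64(body)
	return input + "." + b64(ed25519.Sign(priv, []byte(input))), nil
}

// Expectation is what the service provider demands of an incoming token.
type Expectation struct {
	Issuer   string
	Audience string // this SP's own identifier
	Nonce    string // the nonce this SP put in its login request
	Now      int64  // Unix seconds
}

// Verify is the service-provider side: pinned algorithm, signature first,
// then every claim against the expectation. A valid signature alone says
// nothing about which service the token was issued for.
func Verify(pub ed25519.PublicKey, token string, want Expectation) (AuthNClaims, error) {
	var c AuthNClaims
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return c, errors.New("malformed token")
	}
	hdrRaw, err := base64.RawURLEncoding.DecodeString(parts[0])
	var hdr struct {
		Alg string `json:"alg"`
	}
	if err != nil || json.Unmarshal(hdrRaw, &hdr) != nil || hdr.Alg != "EdDSA" {
		return c, errors.New("only EdDSA is accepted") // the token never chooses the algorithm
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil || !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return c, errors.New("bad signature")
	}
	bodyRaw, err := base64.RawURLEncoding.DecodeString(parts[1])
	var raw map[string]json.RawMessage
	if err != nil || json.Unmarshal(bodyRaw, &raw) != nil || json.Unmarshal(bodyRaw, &c) != nil {
		return c, errors.New("malformed payload")
	}
	for k := range raw {
		if !allowedClaims[k] {
			return c, fmt.Errorf("unexpected claim %q: not part of the AuthN-JWT", k)
		}
	}
	switch {
	case c.Act != "human" && c.Act != "agent":
		return c, errors.New("act must be human or agent")
	case c.Iss != want.Issuer:
		return c, errors.New("wrong issuer")
	case c.Aud != want.Audience:
		return c, errors.New("token was issued for a different service")
	case c.Nonce != want.Nonce:
		return c, errors.New("nonce mismatch: not a response to our login request")
	case want.Now >= c.Exp:
		return c, errors.New("token expired")
	}
	return c, nil
}

func main() {
	pub, priv := GenerateIdPKey()
	tok, _ := Mint(priv, AuthNClaims{Sub: "alice@example.com", Act: "human", Iss: "https://id.example.com",
		Aud: "sp.example.com", Exp: 1700000600, Nonce: "n-1"})
	got, err := Verify(pub, tok, Expectation{Issuer: "https://id.example.com", Audience: "sp.example.com", Nonce: "n-1", Now: 1700000000})
	fmt.Println(got.Sub, got.Act, err)
}
```

Rejecting unknown claims is stricter than RFC 7519, which says unrecognised claims are to be ignored; it is used here to enforce the rule above that identity attributes stay out of the AuthN token. The nonce check is what ties the token to the login request this service provider actually made, which is why the page lists it among the claims that are needed.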