Getting Started

Introduction

What is OpenApe and why does it exist?

OpenApe is the security layer for the Agentic Web. It consists of two independent systems:

OpenApe Auth — Identity for Humans and Agents

DNS-based login using the DDISA protocol. Your domain becomes your identity provider — no OAuth servers to maintain, no SDKs to integrate. Just a DNS TXT record.

  • Humans authenticate with Passkeys (WebAuthn/FIDO2) — phishing-proof by design
  • Agents authenticate with Ed25519 challenge-response — same cryptographic strength, adapted for M2M
  • Passwords are explicitly prohibited in the DDISA spec

OpenApe Grants — Permissions for Agents

Human-in-the-loop permission system. When an agent needs to perform a privileged action, a human approves it.

  • allow_once — one-time approval, consumed after use
  • allow_ttl — time-limited grant (e.g. "for the next 2 hours")
  • allow_always — standing permission, revocable anytime
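The three grant types above map to three different lifetime rules; the in-memory store below is an added illustration (not OpenApe's own code) of those rules, assuming a grant is keyed by a hypothetical (agent, action) pair and that the only safe default is to deny:

```python
import time
from dataclasses import dataclass
from typing import Optional

ALLOW_ONCE, ALLOW_TTL, ALLOW_ALWAYS = "allow_once", "allow_ttl", "allow_always"


@dataclass
class Grant:
    agent: str                          # hypothetical agent id, e.g. "bot@example.com"
    action: str                         # the privileged action a human approved
    kind: str                           # allow_once | allow_ttl | allow_always
    expires_at: Optional[float] = None  # allow_ttl only (unix seconds)
    consumed: bool = False              # allow_once is spent on first use
    revoked: bool = False               # any grant can be revoked by the human


class GrantStore:
    """Hypothetical in-memory store showing the lifetime of each grant type."""

    def __init__(self) -> None:
        self._grants: list[Grant] = []

    def approve(self, agent, action, kind, ttl_seconds=None, now=None) -> Grant:
        now = time.time() if now is None else now
        if kind == ALLOW_TTL:
            if not ttl_seconds or ttl_seconds <= 0:
                raise ValueError("allow_ttl requires a positive ttl_seconds")
            grant = Grant(agent, action, kind, expires_at=now + ttl_seconds)
        elif kind in (ALLOW_ONCE, ALLOW_ALWAYS):
            grant = Grant(agent, action, kind)
        else:
            raise ValueError(f"unknown grant kind {kind!r}")
        self._grants.append(grant)
        return grant

    def revoke(self, grant: Grant) -> None:
        grant.revoked = True

    def authorize(self, agent, action, now=None) -> bool:
        """True only if a live grant covers (agent, action); consumes allow_once."""
        now = time.time() if now is None else now
        for g in self._grants:
            if g.agent != agent or g.action != action or g.revoked:
                continue
            if g.kind == ALLOW_ONCE and not g.consumed:
                g.consumed = True       # one-time approval cannot be replayed
                return True
            if g.kind == ALLOW_TTL and g.expires_at > now:
                return True             # still inside the human-approved window
            if g.kind == ALLOW_ALWAYS:
                return True             # standing permission until revoked
        return False                    # default deny: no approval on record
```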

Dual Role: Enabler & Gatekeeper

OpenApe doesn't just secure agents — it makes them possible. The IdP controls which agents exist, and the grant system ensures humans stay in the loop where it matters.

Without OpenApe            | With OpenApe
---------------------------|-----------------------------------
Agents act, humans hope    | Agents request, humans approve
No standard identity       | DNS-based, domain-scoped identity
No audit trail             | Signed JWTs, dual accountability
Passwords everywhere       | Passkeys only, phishing-proof

Minimal Identity Token

The AuthN-JWT contains only what's needed:

{
  "sub": "alice@example.com",
  "act": "human",
  "iss": "https://id.example.com",
  "aud": "sp.example.com",
  "exp": 1234567890,
  "nonce": "..."
}

  • sub — email address (same identifier used in the login request)
  • act — human or agent
  • No name, no owner, no approver — those belong in the AuthZ layer