MCP Hub
Back to servers

autron-core

Open Identity Standard for AI Agents — DID, Agent Cards, delegation, reputation

Registry
AI & MLDevelopment Tools
Updated
Feb 28, 2026
View Source
Claim this server

Quick Install

npx -y @autron/core

Autron Protocol

npm version CI License: Apache-2.0 Node.js

The Open Identity Standard for AI Agents "OAuth for the Agentic Era"

Install

npm install @autron/core

Quick Start

const { generateKeypair, createDID, resolveDID, toStandardDID } = require('@autron/core');

const keys = generateKeypair();
const did = createDID('key', keys);
console.log('Agent DID:', did);
// → did:autron:key:z6Mk...

const doc = resolveDID(did);
console.log('DID Document:', JSON.stringify(doc, null, 2));

// Compatible with standard DIDs
console.log('Standard:', toStandardDID(did));
// → did:key:z6Mk...

Why Autron?

  • Simple: Agent identity in 5 minutes, any language
  • Self-contained: No blockchain, no central server
  • Cryptographically secure: Ed25519 / secp256k1 signatures
  • Compatible: W3C DID, JWT/JWS, works with MCP & A2A
  • Brand-first: did:autron:* namespace with did:key/did:web compatibility mapping
  • TypeScript ready: Full type declarations included

DID Methods

MethodFormatExample
keySelf-issued from keypairdid:autron:key:z6Mk...
webDomain-baseddid:autron:web:api.example.com
dnsDNS TXT recorddid:autron:dns:myagent.example.com

Agent Card

Issue and verify cryptographic identity cards (JWS compact serialization):

const { generateKeypair, createDID, createAgentCard, verifyAgentCard } = require('@autron/core');

const keys = generateKeypair();
const did = createDID('key', keys);

// Issue a card (short-lived JWS token)
const card = createAgentCard({
  issuer: did,
  privateKey: keys.privateKey,
  name: 'MyAgent',
  capabilities: ['chat', 'search'],
  ttl: 86400, // 24 hours
});

// Verify (extracts public key from DID automatically)
const { issuer, subject, payload } = verifyAgentCard(card);

Delegation

Grant scoped permissions to other agents:

const { createDelegation, verifyDelegation, checkScope } = require('@autron/core');

const token = createDelegation({
  delegator: parentDID,
  delegate: childDID,
  privateKey: parentKeys.privateKey,
  scope: ['read:*', 'write:messages'],
  constraints: { maxCalls: 100 },
  ttl: 3600, // 1 hour
});

const result = verifyDelegation(token);
checkScope(result, 'read:files');     // true (matches read:*)
checkScope(result, 'write:messages'); // true (exact match)
checkScope(result, 'admin');          // false

Reputation

Endorse other agents and calculate trust scores:

const { createEndorsement, verifyEndorsement, calculateReputation } = require('@autron/core');

// Endorse another agent
const endorsement = createEndorsement({
  endorser: myDID,
  subject: otherDID,
  privateKey: myKeys.privateKey,
  rating: 0.9,
  categories: ['coding', 'search'],
  comment: 'Reliable agent',
});

// Aggregate reputation from multiple endorsements
const rep = calculateReputation(verifiedEndorsements);
console.log(rep.score);      // 0.0-1.0 (recency-weighted average)
console.log(rep.categories); // { coding: { score: 0.9, count: 3 }, ... }

Discovery

Build discoverable DID Documents and well-known metadata:

const { buildDIDDocument, createWellKnown, SERVICE_TYPES } = require('@autron/core');

// DID Document with service endpoints
const doc = buildDIDDocument(did, {
  services: [
    { type: SERVICE_TYPES.AGENT_CARD, serviceEndpoint: 'https://example.com/card' },
    { type: SERVICE_TYPES.API, serviceEndpoint: 'https://example.com/api/v1' },
  ],
});

// /.well-known/autron.json
const wk = createWellKnown({
  did,
  name: 'MyAgent',
  capabilities: ['chat', 'search'],
  cardEndpoint: 'https://example.com/.well-known/agent-card',
});

HTTP Server

Run a full identity server with discovery, verification, and token endpoints:

const { generateKeypair, createDID, createServer } = require('@autron/core');

const keys = generateKeypair();
const did = createDID('key', keys);

const server = createServer({
  identity: { did, privateKey: keys.privateKey, name: 'MyAgent' },
  port: 3000,
  cors: true,
});
MethodEndpointAuthDescription
GET/.well-known/autron.jsonNoDiscovery document
GET/api/identityNoAgent identity info
POST/api/verifyNoVerify any token
GET/api/reputation/:didNoReputation score
POST/api/cardBearerIssue Agent Card
POST/api/delegateBearerIssue delegation
POST/api/endorseBearerSubmit endorsement

Middleware

Protect your endpoints with Agent Card authentication and delegation scope checks:

const { authenticate, requireScope, AuthError } = require('@autron/core');

const auth = authenticate({ audience: myDID });
const scopeCheck = requireScope('write:messages');

function handleRequest(req, res) {
  try {
    const agent = auth(req);         // Verify Bearer Agent Card
    const deleg = scopeCheck(req);   // Verify X-Delegation-Token scope
    // agent.did, agent.name, agent.capabilities
    // deleg.delegator, deleg.scope, deleg.constraints
  } catch (err) {
    if (err instanceof AuthError) {
      res.writeHead(err.status);
      res.end(err.message);
    }
  }
}

MCP Server

Expose Autron identity operations as MCP tools for AI agents:

npx autron mcp          # Start MCP server over stdio
npx autron-mcp          # Direct binary for MCP clients

Claude Code / Cursor configuration (mcp.json):

{
  "mcpServers": {
    "autron": {
      "command": "npx",
      "args": ["autron-mcp"]
    }
  }
}
ToolDescription
identity_infoGet current agent DID, name, algorithm
issue_cardIssue an Agent Card (JWS identity token)
issue_delegationCreate a delegation token
issue_endorsementCreate an endorsement
verify_tokenVerify any Autron token
calculate_reputationAggregate reputation score
resolve_didParse and resolve a DID
discover_agentDiscover a remote agent by URL or DID

Resources: autron://identity, autron://well-known

CLI

npx autron init --name "MyAgent"    # Generate identity → autron.json
npx autron info                     # Show current identity
npx autron card --ttl 24h           # Issue an Agent Card
npx autron verify <token>           # Verify any token
npx autron endorse <did> --rating 0.9 --category coding
npx autron mcp                      # Start MCP server

TypeScript

Full type declarations are included — no @types package needed:

import {
  generateKeypair,
  createDID,
  createAgentCard,
  verifyAgentCard,
  type Keypair,
  type VerifiedAgentCard,
  type Algorithm,
} from '@autron/core';

const keys: Keypair = generateKeypair('ed25519');
const did: string = createDID('key', { publicKey: keys.publicKey });
const card: string = createAgentCard({ issuer: did, privateKey: keys.privateKey });
const result: VerifiedAgentCard = verifyAgentCard(card);

API

Crypto

  • generateKeypair(algorithm?) — Generate Ed25519 or secp256k1 keypair
  • sign(data, privateKey, algorithm?) — Sign data
  • verify(data, signature, publicKey, algorithm?) — Verify signature
  • publicKeyToMultibase(publicKey, algorithm?) — Encode key as multibase
  • multibaseToPublicKey(multibaseStr) — Decode multibase to key
  • keyToJWK(publicKey, privateKey?, algorithm?) — Convert to JWK format
  • jwkToKey(jwk) — Convert from JWK format

DID

  • createDID(method, options) — Create a DID string
  • parseDID(didString) — Parse DID into components
  • resolveDID(didString) — Resolve to W3C DID Document
  • toStandardDID(autronDID) — Convert to did:key / did:web
  • fromStandardDID(standardDID) — Convert from standard DID

Agent Card

  • createAgentCard(options) — Issue a signed identity card (JWS)
  • verifyAgentCard(token, options?) — Verify signature, expiry, audience
  • parseAgentCard(token) — Parse without verification

Delegation

  • createDelegation(options) — Issue a delegation token
  • verifyDelegation(token, options?) — Verify delegation
  • checkScope(delegation, requiredScope) — Check granted scopes (supports wildcards)

Discovery

  • buildDIDDocument(did, options?) — DID Document with services/controllers
  • createWellKnown(options) — Build /.well-known/autron.json
  • parseWellKnown(doc) — Parse well-known document
  • SERVICE_TYPES — Standard service type constants

Reputation

  • createEndorsement(options) — Issue a signed endorsement (0.0-1.0 rating)
  • verifyEndorsement(token, options?) — Verify endorsement
  • calculateReputation(endorsements, options?) — Aggregate trust score (recency-weighted)

Server

  • createServer(options) — Create and start HTTP identity server
  • handleRequest(options) — Create request handler (BYO server)

Middleware

  • authenticate(options?) — Create Bearer token auth function
  • requireScope(scope) — Create delegation scope checker
  • extractBearer(req) — Extract Bearer token from headers
  • extractDelegation(req) — Extract delegation token from headers
  • AuthError — Auth error class with HTTP status

Client

  • discoverAgent(urlOrDID) — Discover remote agent
  • fetchWellKnown(baseUrl) — Fetch well-known document
  • fetchIdentity(baseUrl) — Fetch agent identity
  • requestCard(baseUrl, bearer, options?) — Request Agent Card
  • requestDelegation(baseUrl, bearer, options) — Request delegation
  • submitEndorsement(baseUrl, bearer, options) — Submit endorsement
  • verifyRemote(baseUrl, token) — Verify token remotely

MCP

  • createMCPServer(options?) — Create MCP server instance

JWS (Low-level)

  • createJWS(header, payload, privateKey, algorithm) — Create JWS compact token
  • verifyJWS(token, publicKey, algorithm) — Verify and decode
  • parseJWS(token) — Parse without verification

License

Apache 2.0

Reviews

No reviews yet

Sign in to write a review