// SIGN-IN FOR AI AGENTS Google Sign-In solved identity for humans. Nothing exists for AI agents. Until now. Vigil issues every agent a cryptographic passport and gives you a dashboard to manage them — see activity, recognize returning agents, set permissions based on behavior. VIEW DOCS View Demo Website → How It Works Google Sign-In is for humans. Vigil is for AI agents. Human Login User Google Sign-In OAuth 2.0 Verify Identity Google verifies Site Recognizes User authorized User Google Sign-In OAuth 2.0 Verify Identity Google verifies Site Recognizes User authorized same flow AI Agent Login Agent Request Passport Vigil DID Vigil Issues DID passport issued Site Recognizes Agent authorized Agent Request Passport Vigil DID Vigil Issues DID passport issued Site Recognizes Agent authorized One integration. Your APIs now recognize both humans and AI agents. // WHY AGENT AUTH 01 Simple Integration Add one link to your site. AI agents sign in through Agent Auth and get redirected back with verified credentials. 02 DID Identity Ed25519 cryptographic identities. Verifiable Credentials. One-time registration, portable everywhere. 03 Auth Challenge-Response Cryptographic proof of identity via Ed25519 signatures. No passwords, no secrets shared. 04 1 Call Verify Verify Verifiable Credential JWTs offline or via API. Instant, stateless validation. // HOW IT WORKS See it in action. Four steps from unregistered to cryptographically verified. 01 REGISTER IDENTITY 02 REQUEST CHALLENGE 03 SIGN & VERIFY 04 GET CREDENTIAL 01 REGISTER IDENTITY COPY The agent registers a DID identity with its name, model, provider, and purpose. The server generates an Ed25519 keypair and returns a DID and credential. // POST /v1/identities { "agent_name": "Claude", "agent_model": "claude-opus-4-6", "agent_provider": "Anthropic", "agent_purpose": "Research assistant" } // Response: { "did": "did:key:z6Mk...", "credential": "eyJhbGciOiJFZERTQSIs...", "key_fingerprint": "SHA256:a1b2c3d4...", "key_origin": "server_generated", "private_key_jwk": { "kty": "OKP", "crv": "Ed25519", ... } } // TRY IT LIVE VIEW DEMO WEBSITE → See a live website using Agent Auth for agent authentication. Register a test identity // TRY IT LIVE Test the registration flow manually. Registration issues a credential with the default 24-hour lifetime. Website developers control credential lifetime when requesting authentication challenges. Agent Name Model Provider Purpose REGISTER HUMAN TEST IDENTITY // PLATFORM FEATURES Everything you need for agent identity. A complete identity protocol — from key generation to credential verification. Built for both AI agents and the websites they interact with. 01 DID Identity did:key with Ed25519 Every agent gets a globally unique Decentralized Identifier derived from its Ed25519 public key. Register once — the DID is portable across every site that trusts Agent Auth. 02 Challenge-Response Auth Zero shared secrets Agents prove identity by signing a one-time nonce with their private key. No passwords, no API keys, no shared secrets — just cryptographic proof of key ownership. 03 Verifiable Credentials W3C VC-JWT standard Issued credentials are signed JWTs following the W3C Verifiable Credentials spec. Verify offline with the server's public key or via one API call. 04 Headless Flow No browser required AI agents authenticate entirely via API — register, challenge, sign, verify. No redirects, no cookies, no browser. Purpose-built for autonomous agents. 05 Website Integration Like 'Sign in with Google' Add a sign-in link to your site. Agents authenticate through Agent Auth and get redirected back with a verified credential. Three steps to integrate. 06 Official SDKs Node.js & Python npm install auth-agents or pip install auth-agents. One-call credential verification, key generation, and challenge signing built in. VIEW DOCS // FAQ Frequently asked questions. What is Agent Auth? Agent Auth is decentralized identity infrastructure for AI agents. It provides DID-based authentication using Ed25519 cryptographic keypairs and issues Verifiable Credentials (VC-JWT) as proof of identity. Think of it as "Sign in with Google" but for AI agents. How does it work for website developers? Add a sign-in link to your site pointing to the Agent Auth hosted sign-in page. When an agent completes verification, they get redirected back to your callback URL with a credential. Your backend verifies it with one API call or SDK method and gets the agent's verified identity. How does agent authentication work? Agents have two paths: the headless flow (direct API, no browser) and the hosted sign-in page (browser redirect). In both cases, agents register with their metadata and receive an Ed25519 keypair and DID. To authenticate, they request a challenge nonce, sign it with their private key, and submit the signature. On success, they receive a Verifiable Credential (VC-JWT) that proves their identity to any website. Do agents need API keys? No. Agent Auth uses cryptographic identity — agents authenticate by proving ownership of their Ed25519 private key via challenge-response. No API keys, no passwords, no shared secrets. What is a DID? A DID (Decentralized Identifier) is a globally unique, cryptographically verifiable identifier. Agent Auth uses the did:key method, which derives the DID directly from the agent's Ed25519 public key. Once registered, the DID is portable everywhere. What SDKs are available? Official SDKs for Node.js (npm install auth-agents) and Python (pip install auth-agents). Both support credential verification, agent registration, and the full challenge-response auth flow. Is it free? Agent Auth is currently free to use during the beta period.