Cryptographic proof that a verified person owns this agent and approved this exact action. Slots directly into your existing stack.
Today, AI agents need to act on behalf of real people, but there's no portable way to verify who owns them or whether a specific action was approved. Credentials leak, cookies get shared, and downstream systems can't distinguish trusted agents from malicious bots, so they either block both or trust both.
Until now.
A partner, a network, an agent platform — adds AG9 alongside what they already check.
Open the VeryAI app, scan the agent's pairing QR, review the scope, palm-scan to confirm.
When the agent tries something sensitive, the partner pings AG9.
AG9 attestations are JWTs. Fetch the public keys, verify the signature, read four claims. That's the integration. No SDK required.
1// Fetch the public keys from any AG9 issuer 2const jwks = await fetch('/.well-known/jwks.json') 3 4// Verify the attestation 5const claims = jwt.verify(attestation, jwks) 6 7// Branch on the claims 8if (claims.action_hash === hash(req)) { 9 allow(claims.human_id, claims.scope) 10}
Drop AG9 into your existing auth path. Read a signed attestation, get a palm-verified human ID.
Link agents with a palm scan. Approve sensitive actions in real time. Revoke in one tap.
AG9 doesn't ask you to rebuild your auth layer. It's a small, signed payload that rides inside the standards your stack already speaks.
JWKS endpoint, Ed25519 signatures, sub-100ms verification.
Drop it into the standards your stack already speaks.
