|Agent-Auth.
SDKs

SDKs

Official and community SDKs for the Agent Auth Protocol — TypeScript, Python, and implementation guides for other languages.

Official and community SDKs for the Agent Auth Protocol. The protocol is simple enough to implement from scratch in any language — Ed25519 keypairs, device authorization flow, signed JWTs, and three database tables.

TypeScript

Better Auth plugin (Server)

Full reference implementation of the Agent Auth server as a Better Auth plugin. Drop-in agent identity, registration, device flow, capability management, and session verification.

import { betterAuth } from "better-auth";
import { agentAuth } from "@better-auth/agent-auth";

const auth = betterAuth({
  plugins: [agentAuth()],
});
  • Agent registration with Ed25519 key verification
  • Device authorization flow for user approval
  • Capability management and grant tracking
  • Session verification via getAgentSession()
  • Lifecycle management (expiry, reactivation, revocation)

View on GitHub →

@auth/agent (Client SDK)

Client SDK for agent runtimes. Manages keypairs, signs requests, handles registration and capability escalation. Ships with tool adapters for Vercel AI SDK, OpenAI, and Anthropic.

npm install @auth/agent
  • Ed25519 key generation and management
  • JWT signing for every request
  • Auto-registration with discovery
  • Capability escalation handling
  • AI framework tool adapters (Vercel AI SDK, OpenAI, Anthropic)
  • Pluggable storage interface

View documentation → · View on GitHub →

@auth/agent-cli (CLI & MCP Server)

Command-line tool and MCP server for managing agents. Exposes all protocol operations as CLI commands and MCP tools.

npm install -g @auth/agent-cli
  • All protocol operations as CLI commands
  • MCP server mode for AI tool ecosystems
  • File-based persistent storage
  • Optional private key encryption (AES-256-GCM)
  • Environment variable configuration

View CLI docs → · View MCP docs → · View on GitHub →

Python

Coming soon. A Python SDK for the Agent Auth Protocol is in development. It will support both server and client implementations.

In the meantime, you can implement the protocol from scratch in Python using standard libraries for Ed25519 (e.g. cryptography) and JWT (e.g. PyJWT).

Other languages

The protocol is open and language-agnostic. To implement it from scratch, you need:

ComponentRequirements
Server3 database tables + Ed25519 JWT verification + device authorization flow
ClientEd25519 key generation + JWT signing + HTTP request binding
StandardsDPoP-style (RFC 9449) + Device Authorization (RFC 8628)

If you build an implementation, submit a PR to be listed here.