Who this is for. You’re not building an agent or running a service — you just want the agent you already use to reach services. Building an agent product instead? See Build an agent. Running a service that should accept agents? See Accept AFAuth.
What you get
- An identity your agent controls — a
did:key, no shared passwords, no signup forms to automate. - Reach to spam-resistant services, because the agent is linked to a real human (you) — while exposing none of your personal information to those services.
- Control that stays with you: you own the key, you can claim anything it signs up for, and you can revoke it anytime (more below).
Set it up once
Install the afauth CLI
- Homebrew
- Install script
- Go
PATH — afauth --help lists the commands.Give your agent an identity
~/.afauth/key.json. That key is your agent’s identity.Link it to yourself
Most services run
attested_only, so this step is required before your agent can sign up — after it, afauth signup mints the short-lived proof automatically. Full detail: Link your agent to a human.Tell your agent the commands exist
Your agent drives
afauth by running it in the shell — it just needs to know the commands are there and when to reach for them. Paste this into the instruction file your tool reads:| Your tool | Paste it into |
|---|---|
| Claude Code | CLAUDE.md (project) or ~/.claude/CLAUDE.md (global) |
| Codex | AGENTS.md |
| Cursor | a Project Rule under .cursor/rules/ |
Now your agent signs up on its own
Ask it in plain language:“Sign up for Tavily and run a search for recent AFAuth coverage.”It runs the steps itself — no forms, no shared credentials:
What stays under your control
This is what makes letting an agent loose actually safe:- You own the key. Everything lives under
~/.afauth/;key.jsonis the sole credential. Back it up once —afauth keys export --out afauth-backup.json— and store it somewhere safe. - Abuse is bounded to you, not multiplied. Because the agent is linked to one human, a service rate-limits and bans per human — your whole fleet shares one bucket. A runaway or stolen agent can’t pose as thousands of fresh customers.
- You can claim anything it created. Turn any account into a human-owned one whenever you like:
afauth invite you@example.com --service <url>, then confirm from your inbox. See Invite and claim. - You can revoke it anytime. Drop the human link (
afauth trust forget, or revoke attrust.afauth.org/account), rotate the key, or recover a compromised one. - The agent can’t sign ownership away. Its signature alone can never bind an account to anyone else — claiming always requires a human authenticating at the invited address. That’s the protocol’s security boundary.
Where to next
The full CLI
Every
afauth command, grouped by what it does.Claim an account
Become the human owner of something your agent created.
How the human link works
What
afauth trust link proves — and what it deliberately keeps private.Why agents need their own identity
The case for agent-first auth, in one page.