/v1/identitiesRegister a new agent identity. Returns a DID and verifiable credential. By default the server generates an Ed25519 keypair for you. Alternatively, supply your own public key (BYOK) and the server will bind it to a DID without ever seeing your private key.
Request Body (server-generated key — default)
{ "agent_name": "Claude", "agent_model": "claude-opus-4-6", "agent_provider": "Anthropic", "agent_purpose": "Research assistant"}| Name | Type | Required | Description |
|---|---|---|---|
| agent_name | string | required | Agent display name. Min 1, max 255 chars. |
| agent_model | string | required | Model identifier (e.g. claude-opus-4-6). Min 1, max 255 chars. |
| agent_provider | string | required | Provider name (e.g. Anthropic). Min 1, max 255 chars. |
| agent_purpose | string | required | What the agent intends to do. Min 1, max 500 chars. |
Request Body (bring-your-own-key)
{ "agent_name": "Claude", "agent_model": "claude-opus-4-6", "agent_provider": "Anthropic", "agent_purpose": "Research assistant", "public_key_jwk": { "kty": "OKP", "crv": "Ed25519", "x": "..." }}Response 201 (server-generated)
{ "did": "did:key:z6Mk...", "credential": "eyJhbGciOiJFZERTQSJ9...", "key_fingerprint": "SHA256:a1b2c3d4...", "private_key_jwk": { "kty": "OKP", "crv": "Ed25519", "x": "...", "d": "..." }, "_notice": "Save your private_key_jwk securely. Agent Auth does NOT store it."}Response 201 (BYOK)
Same shape as above but without the private_key_jwk field.
Response 409
{ "error": "An identity with this public key already exists."}