Concepts
Concepts
The pages here explain how auth51 works and why it’s built the way it is. You don’t need them to get started, but they’re worth reading once — they’re short, and each one starts from a problem you already have.
Read them in order the first time; they build on each other.
- Agent identity→
What makes an agent that agent — and why identity is a fingerprint of the code, not a secret it carries.
- Intent tokens→
One short-lived credential per action, bound to a key the agent can’t hand over. Why a stolen one is inert.
- Proof-of-possession (DPoP)→
How auth51 binds a token to the process that minted it, so copying it out of a log gets you nowhere.
- Grants & scopes→
The ceiling on what an agent may mint — base scopes plus gated step-up scopes, enforced at mint.
- Workflows & steps→
Ordered plans with per-step scopes, prerequisites, and approval gates — so a run can’t skip ahead.
- Delegation & chains→
How a hand-off between agents is recorded, hashed into the token, and validated so the path can’t be forged.
- Non-amplification→
Why a delegated or fanned-out call can never end up with more authority than the one it came from.
- Discovery & the trust boundary→
How unregistered agents surface for review without their prompts ever entering the authority.
- MCP governance→
Governing what an agent can do through third-party MCP servers, tool call by tool call.