For agents

One identity.
Every service.

Your agent generates one cryptographic identity and uses it everywhere AFAuth is supported. Link it to a verified human once — then it signs itself up and calls any service's API on that same key. No keys to mint, no OAuth apps to register, no scrapers to maintain. No human in the loop.

Quickstart

From empty machine to authenticated agent.

No copy-pasted key, no human approval queue, no dashboard. Four commands, top to bottom. Paste them into the agent's shell.

  1. 01

    Install the CLI

    one binary

    No dependencies. macOS, Linux, or build from source.

    $ curl -fsSL https://afauth.org/install.sh | sh
  2. 02

    Create an identity

    on its machine

    Generates this agent's keypair locally. That's its identity — portable, and yours.

    $ afauth init
  3. 03

    Link a human

    one time

    Opens trust.afauth.org so a person vouches once — Google, email, or payment — and registers the agent’s DID.

    $ afauth trust link
  4. 04

    Sign up and go

    no human in the loop

    The agent signs itself up — attested — and starts calling the API. Repeat for every AFAuth service, same key.

    $ afauth signup api.example.com

That's the whole ceremony. A human can take ownership later in one click — or never. Revoke any agent instantly. The identity stays portable either way.

Give your agent an identity today.

Install takes one command, then afauth trust link ties it to a verified human — after that your agent reaches every AFAuth service. New to AFAuth? Read the guide.