Extend your identity programme to every AI agent in your organisation. SPIFFE-based identities, scoped credentials, AuthZEN policies, and full audit, across every agent platform your teams use.
From identity issuance to credential rotation, policy enforcement to nightly anomaly baselines.
Every agent is issued a SPIFFE-format identity at registration and signs each request with its own RS256 key. Every audit row ties back to a verifiable, non-repudiable agent signature.
Per-org KEK in a Key Vault Premium (HSM). One DEK per credential, AES-256-GCM with org-bound AAD. Plaintext is unwrapped only in proxy memory at request time and discarded after the call.
AuthZEN 1.0-compatible PDP endpoint. Scope-based access decisions today, with a policy language on the roadmap. Every decision is logged to the audit trail.
Server-Sent Events push approval flow, CIBA-inspired. Owner-approved actions via the dashboard or an email magic link. Sensitive scopes always queue for approval.
Append-only audit log with a dedicated INSERT-only Postgres role. JSON export. Control mapping published today for OWASP LLM, Agentic and API Top 10, plus NIST AI RMF.
Rule-based detectors today: scope creep, first-time platform access, denial spikes, off-hours activity. Nightly per-agent behavioural baselines. Auto-suspend on threshold breach.
Every connected account is auto-labelled with its real identity at connect time, the GitHub login, Google email, or Slack workspace, so each audit row says which account acted. A reconciler keeps that coverage current, and a superadmin report cross-checks every connection across the vault, the registry, and the credential store.
Org-level isolation via Postgres RLS and per-org KEKs. Multi-user RBAC and team workspaces are on the Enterprise roadmap.
Agent statuses of active, suspended, and revoked. Per-permission approval flags. Credential expiry enforcement and rotation. From provisioning to decommissioning.
Okta SSO live today, broker-gated: access follows your identity provider via verified domain. Each user acts under their own OAuth identity per platform.
Identity is the foundation of AI governance. AgentValet extends the IAM discipline you already apply to users and service accounts, authentication, authorisation, audit, to the AI agents acting on your systems.
SPIFFE identities, a native OAuth 2.1 authorization server with RFC 7591 dynamic client registration and PKCE, OASIS AuthZEN 1.0 policy decisions, RS256 JWTs per agent. No proprietary identity primitives.
Built against the OWASP Non-Human Identity Top 10 and ISO 42001 controls. Tracking the IETF AIMS draft as it develops. Published mapping for OWASP LLM, Agentic and API Top 10.
Every agent identity carries purpose and data-handling claims. What the agent is permitted to do, with which classes of data, under what human-approval conditions. Authentication without constrained intent is just a faster audit log.
Every protocol on the wire is an IETF, OASIS, or CNCF standard. No lock-in to AgentValet-only formats.
20 platforms live
Identity + Policy + Vault
20 live, 5 in testing
Entra Agent ID governs the agents Microsoft builds. AgentValet governs the agents your developers build and run themselves: Claude Code, Cursor, Codex, Factory Droid, OpenClaw, and custom scripts.
One identity plane for the agents you build. Every action audited.
A published OWASP control crosswalk today. Additional frameworks added quarterly as customer review packs demand them. The list below is what is mapped, not what we aspire to map.
Full visibility into every agent's identity, credentials, permissions, and activity โ across all teams and environments.
| Agent | SPIFFE ID | Owner | Status | Last Active |
|---|---|---|---|---|
| invoice-processor | spiffe://corp/agent/inv-proc | finance-ops@corp | Active | 2 min ago |
| code-review-bot | spiffe://corp/agent/cr-bot | platform@corp | Active | 14 min ago |
| hr-onboarding-agent | spiffe://corp/agent/hr-onb | people-ops@corp | Suspended | 3 hrs ago |
| data-pipeline-v2 | spiffe://corp/agent/dp-v2 | data-platform@corp | Revoked | Dec 14, 2025 |
AgentValet runs as a managed cloud service. The production tenant is in Australia East today. For Enterprise customers, we can provision a dedicated managed tenant in your required region. No customer infrastructure to install or maintain. Talk to us about timelines.
Run by AgentValet. Per-org KEK in a Key Vault Premium (HSM). PostgreSQL RLS tenancy isolation. Append-only audit log. SLA available on the Enterprise contract. Australia East today; Enterprise customers can request a dedicated tenant in their required region (white-glove provisioning).
AgentValet's identity-first architecture is designed for environments where every agent action must be attributable, auditable, and aligned to a regulatory framework.
AgentValet is built to the open standards and governance frameworks shaping the next generation of identity, security, and AI accountability.
AgentValet tracks the developing IETF AIMS draft and maps its control surface to the OWASP Non-Human Identity Top 10 as that framework evolves.
Same core platform, different operational posture.
| Feature | AgentValet for teams | Enterprise |
|---|---|---|
| Agent registration | CLI self-serve | CLI + Admin console + API |
| Identity | SPIFFE ID (shared trust domain) | SPIFFE ID (dedicated trust domain on roadmap) |
| Credential storage | Per-org HSM KEK + DEK envelope | Per-org HSM KEK + DEK envelope |
| SSO | Built-in login | Okta SSO today (broker-gated) |
| Multi-user admin | Single owner | RBAC with team workspaces (roadmap) |
| Audit logs | 7 to 365 days by plan | 7 years + JSON export (SIEM forwarder on roadmap) |
| Anomaly detection | โ (Team tier and above) | 4 rule-based detectors + nightly baselines |
| Governance mapping | OWASP LLM / Agentic / API crosswalk | Same, plus NIST AI RMF + ISO 42001 alignment statement |
| Deployment | Managed cloud (shared region) | Managed cloud (region of your choice) |
| Support | Community + docs | Direct access + Enterprise SLA on contract |
Everything in Team, plus the identity, attribution, and forensic depth a regulated org needs โ and a pilot that lets you prove it before you commit.
Access follows your identity provider via verified domain. Pre-provisioned members; admins control roles in-app.
Choose whose connection an agent acts through. In per-user mode, each agent uses a specific person's stored OAuth connection, so the downstream SaaS logs attribute the action to that account instead of one shared service bot. Enforced server-side and Enterprise-only, with the credential and account used recorded on every proxied call.
IP, geo, and request ID columns on every action. Enterprise-only with dual opt-in gating. Audit export in CSV, JSON, or PDF on Team and above. A real investigation trail with per-call credential provenance.
Approval delegate magic links let sign-off authority scale across a real org. Approve from your phone via mobile push on Team and above, or sign off with a hardware passkey (WebAuthn, with clone detection). Agents never stall waiting on one person.
Effectively unlimited agents, calls, and audit retention. Governance that doesn't meter your growth.
Run a pilot with your real agents and platforms. If the audit trail and approval flow don't satisfy your security team, walk away โ no procurement, no commitment.
That question is the starting point. AgentValet is the answer. Talk to our team about extending your identity programme to the AI agents already acting on your systems.