Skip to main content

What is Grantex?

AI agents are acting in the world — booking travel, sending emails, executing trades, managing files — on behalf of real humans. But the foundational trust infrastructure for this doesn’t exist yet:
  • No standard way to grant an agent scoped, time-limited permissions on your behalf
  • Services can’t verify whether an agent is genuinely authorized by the claimed human
  • No auditable, tamper-proof record of what an agent did, when, and under whose authority
  • Multi-agent pipelines have no way to chain authorization — a sub-agent can’t prove it was legitimately spawned
Grantex solves this. It’s an open protocol that lets humans authorize AI agents with verifiable, revocable, audited grants built on JWT and the OAuth 2.0 model.

Key Properties

Model-Neutral

Works with OpenAI, Anthropic, Google, Llama, Mistral — any model, any framework.

Framework-Native

First-class integrations for LangChain, AutoGen, CrewAI, Vercel AI, OpenAI Agents SDK, Google ADK, and MCP.

Offline-Verifiable

Services verify tokens using published JWKS — zero runtime dependency on Grantex infrastructure.

Compliance-Ready

Tamper-evident audit trail, compliance exports, and evidence packs for SOC 2 and GDPR.

Install

npm install @grantex/sdk

Architecture

┌──────────────────────────────────────────────────────────────────────┐
│                         YOUR APPLICATION                             │
│                                                                      │
│   ┌──────────────┐    ┌──────────────┐    ┌───────────────────────┐ │
│   │  AI Agent    │    │  Grantex SDK │    │  End User Dashboard   │ │
│   │  (any model) │◄──►│  (2 lines)   │    │  (view / revoke)      │ │
│   └──────────────┘    └──────┬───────┘    └───────────────────────┘ │
└──────────────────────────────┼───────────────────────────────────────┘
                               │ HTTPS

┌──────────────────────────────────────────────────────────────────────┐
│                         GRANTEX PROTOCOL                             │
│                                                                      │
│  ┌─────────────┐  ┌──────────────┐  ┌─────────────┐  ┌──────────┐  │
│  │  Identity   │  │     Auth     │  │   Consent   │  │  Audit   │  │
│  │  Service    │  │   Service    │  │     UI      │  │  Chain   │  │
│  │  (DID/JWKS) │  │ (token i/o)  │  │  (hosted)   │  │ (append) │  │
│  └─────────────┘  └──────────────┘  └─────────────┘  └──────────┘  │
└──────────────────────────────────────────────────────────────────────┘


                ┌──────────────────────────┐
                │  Any Service / API       │
                │  Verifies via JWKS       │
                │  No Grantex dep needed   │
                └──────────────────────────┘

FAQ

No. Existing auth systems (Auth0, Okta, Supabase) are built for humans logging in. Grantex is built for autonomous agents acting on behalf of humans — a fundamentally different trust model with different primitives (delegation, scope chains, agent identity, real-time revocation, action audit trails).
OAuth 2.0 was designed for “user grants app permission to access their data.” Agents introduce new requirements: the agent needs a verifiable identity separate from its creator, grants need to be chainable across multi-agent pipelines, and every autonomous action must be attributable and auditable. We extend OAuth 2.0 concepts but add the agent-specific primitives it lacks.
MCP solves tool connectivity — how agents access data and call functions. Grantex solves trust — proving that an agent is authorized to use those tools on behalf of a specific human. They’re complementary. A Grantex-authorized agent uses MCP tools.
Yes. The reference implementation is fully open-source. Docker Compose deploy in one command. See the self-hosting guide.
The protocol spec is open (Apache 2.0). The goal is to contribute the spec to a neutral standards body (W3C, IETF, or CNCF) once it stabilizes. An IETF Internet-Draft has already been submitted.