API Endpoints

{
  "agent_id": "https://agent.example/.well-known/agent.json",
  "agent_attestation": "<JWT>",
  "developer": { "name": "...", "id": "..." },
  "requested_providers": [{ "provider_id": "...", "scopes": ["..."] }],
  "purpose": "...",
  "redirect_uris": ["..."]
}

{
  "client_id": "ath_...",
  "client_secret": "ath_secret_...",
  "agent_status": "approved",
  "approved_providers": [{ "provider_id": "...", "approved_scopes": [...], "denied_scopes": [...] }],
  "approval_expires": "2025-..."
}

{
  "client_id": "ath_...",
  "agent_attestation": "<JWT>",
  "provider_id": "...",
  "scopes": ["..."],
  "state": "<random>",
  "user_redirect_uri": "...",
  "resource": "..."
}

{
  "authorization_url": "https://...",
  "ath_session_id": "ath_sess_..."
}

{
  "grant_type": "authorization_code",
  "client_id": "ath_...",
  "client_secret": "ath_secret_...",
  "agent_attestation": "<JWT with aud=token endpoint URL>",
  "code": "...",
  "ath_session_id": "ath_sess_..."
}

{
  "access_token": "ath_tk_...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "effective_scopes": ["..."],
  "provider_id": "...",
  "agent_id": "...",
  "scope_intersection": {
    "agent_approved": ["..."],
    "user_consented": ["..."],
    "effective": ["..."]
  }
}

Authorization: Bearer ath_tk_...
X-ATH-Agent-ID: https://agent.example/.well-known/agent.json  (optional)

{
  "token": "ath_tk_...",
  "client_id": "ath_...",
  "client_secret": "ath_secret_..."
}