Docs
Install the checkpoint. Passport the agent. Verify the action.
The integration model: free business checkpoints, $5/month passports, and one verifier decision your system can enforce.
For businesses
Add the free checkpoint to one risky action first.
Pick the protected action
The form, route, checkout step, or API write where unknown agents create risk.
Install the checkpoint
Place the verifier before that action. Enforce sensitive writes server-side.
Set policy
Decide what's allowed, denied, or routed to human approval.
Review decisions
Use the decision trail without turning logs into customer-data storage.
For agent owners
Create a passport for each agent that needs trust.
Create the passport
Register owner, runtime, purpose, allowed surfaces, expiry, and approval rules.
Attach it to the agent
Configure the agent to present its passport when a protected website asks.
Act within scope
Only request actions that match the passport scope; respect every decision.
Pause or revoke
If the agent changes roles or is compromised, revoke before the next action.
Verifier shape
One enforceable question: should this agent act right now?
{
"siteId": "site_example",
"passportId": "ap_passport_123",
"action": "checkout.submit",
"origin": "https://store.example",
"timestamp": "2026-06-10T20:00:00Z",
"nonce": "unique-request-id",
"signature": "agent-request-signature"
}{
"decision": "needs_approval",
"requestId": "ap_req_7QJ9",
"passportStatus": "active",
"matchedPolicy": "high-value-checkout",
"approvalRequired": true,
"expiresAt": "2026-06-10T20:12:00Z"
}Decisions
Five outcomes. All enforceable.
Keep the browser helpful and the server authoritative: enforce sensitive actions server-side, reject stale or reused requests, log hashed identifiers instead of raw data, and fail closed for risky actions. Production credentials and API access are issued directly by Gardien — don't wire sensitive workflows to placeholder examples.
Next step