How it works

A business checkpoint meets an agent passport.

A two-sided trust loop. The verifier sits between the agent and the action that can create risk.

The loop

Four steps, repeated for every sensitive action.

Gardien goes in front of a protected form, checkout, booking, account action, or API write. Free for the business.

The agent sends its passport and a signed request so the verifier can check owner, scope, freshness, and status.

Allowed, needs approval, denied, expired, or revoked — enforced before the risky action runs.

Owners and businesses can pause, expire, or revoke trust at any time. The audit trail keeps it reviewable.

Verifier loop

Gardien checks the passport, the policy, and the action scope before the website accepts the request.

Start with a single route, form, checkout step, booking, or API write.

The agent proves owner, purpose, scope, expiry, and revocation state.

Your system receives allowed, denied, expired, revoked, or needs approval.

live verifier

POST /v1/verify

agent_idshopping-agent

actioncheckout.submit

scopepurchase:single

expires_in12m

requestcheckout.submit · shopping-agent$42

policypassport.active · scope: purchasefresh

decisionneeds_approval · owner approvedallowed

decision returned

needs_approval → allowed

The site enforces the answer before the action runs. Trust can expire or be revoked later.

Verifier decisions

allowedLow-risk action matches current passport, policy, scope, and expiry.

needs_approvalThe agent may be trusted, but this action needs a human decision.

deniedThe request fails policy, scope, origin, signature, or risk checks.

expiredThe trusted window is over; the agent needs a fresh decision.

revokedTrust was stopped and the action should not continue.

The clean first pilot: one protected business action, one passported agent. If that loop is useful, expand from there.

Next step