Drop-in middleware that lets AI agents register, authenticate, and pay for your API. No browser, no forms, no CAPTCHA. Under 500ms.
AgentDoor sits alongside your existing auth. Clerk handles humans, AgentDoor handles agents. Same API, two doors.
const express = require("express"); const agentdoor = require("@agentdoor/express"); const app = express(); app.use(agentdoor({ scopes: [ { id: "data.read", description: "Read data", price: "$0.001/req" }, { id: "data.write", description: "Write data", price: "$0.01/req" } ] })); // Your existing routes — now agent-ready app.get("/api/data", (req, res) => { if (req.isAgent) { console.log(`Agent ${req.agent.id} requesting data`); } res.json({ data: "hello" }); });
import { agentdoor } from "@agentdoor/next"; export default agentdoor({ scopes: [{ id: "data.read", description: "Read" }], pricing: { "data.read": "$0.001/req" } }); export const config = { matcher: ["/api/:path*"] };
import { Hono } from "hono"; import { agentdoor } from "@agentdoor/hono"; const app = new Hono(); app.use("*", agentdoor({ scopes: [{ id: "data.read", description: "Read" }] }));
import Fastify from "fastify"; import { agentdoor } from "@agentdoor/fastify"; const app = Fastify(); app.register(agentdoor, { scopes: [{ id: "data.read", description: "Read" }] });
from fastapi import Depends, FastAPI from agentdoor_fastapi import AgentDoor, AgentDoorConfig, AgentContext app = FastAPI() gate = AgentDoor(app, config=AgentDoorConfig( service_name="My API", scopes=[{"name": "read", "description": "Read access"}], )) @app.get("/protected") async def protected(agent: AgentContext = Depends(gate.agent_required())): return {"agent": agent.agent_id}
AgentDoor uses Ed25519 challenge-response authentication. The agent's private key never leaves the agent. Total flow under 500ms.
GET /.well-known/ agentdoor.json
POST pubkey + scopes → get nonce
Sign nonce → get API key + JWT
Bearer token on all requests
Sign timestamp → new JWT
This generates a real Ed25519 keypair, signs a real challenge, and verifies the signature — all using the Web Crypto API. No simulation.
AgentDoor auto-generates a discovery endpoint so agents can find your API's capabilities, pricing, and auth methods with a single GET request.
{
"agentdoor_version": "1.0",
"service_name": "Your API",
"registration_endpoint": "/agentdoor/register",
"auth_endpoint": "/agentdoor/auth",
"scopes_available": [
{
"id": "data.read",
"description": "Read data",
"price": "$0.001/req",
"rate_limit": "1000/hour"
}
],
"auth_methods": ["ed25519-challenge", "x402-wallet", "jwt"],
"payment": {
"protocol": "x402",
"version": "2.0",
"networks": ["base"],
"currency": ["USDC"]
}
}
Agents don't have browsers. They can't click consent screens. AgentDoor gives them a native path.
Framework adapters, auth companion plugins, payment integrations.
AgentDoor doesn't replace Clerk or Auth0 — it adds an agent door next to your human door.
Open source. MIT licensed. Ship in 5 minutes.