Gates

A Gate is a lightweight library you embed in your service to verify Passports and make allow/deny decisions.

How Gates Work

Agent presents a Passport with its request
Gate verifies the cryptographic signature
Gate checks permissions against the requested action/resource
Gate returns an allow/deny decision

All of this happens locally — no network calls required.

Basic Usage

from uniplex import Gate, TrustProfile

gate = Gate(profile=TrustProfile.L1)

decision = gate.authorize_simple(
    passport=passport,
    action="read"
)

if decision.allowed:
    # Proceed
    pass
else:
    print(f"Denied: {decision.reason_code}")

Decision Object

The decision returned by the gate contains:

Field	Type	Description
`allowed`	bool	Whether the action is permitted
`reasonCode`	string	Reason code if denied
`passportId`	string	ID of the passport that was checked
`agentId`	string	ID of the agent

Trust Profiles

Gates operate at one of three trust levels:

from uniplex import Gate, TrustProfile

# Development/testing
gate = Gate(profile=TrustProfile.L1)

# Production
gate = Gate(profile=TrustProfile.L2)

# High assurance
gate = Gate(profile=TrustProfile.L3)

See Trust Profiles for details on each level.

Configuration

from uniplex import Gate, TrustProfile

gate = Gate(
    profile=TrustProfile.L2,
    policy={
        "allow_self_issued": False,
        "allowed_issuers": ["issuer:acme", "issuer:partner"]
    }
)

Getting Started

Core Concepts

Specification

MCP Servers

How Gates Work

Basic Usage

Decision Object

Trust Profiles

Configuration

Getting Started

Core Concepts

Specification

MCP Servers

​How Gates Work

​Basic Usage

​Decision Object

​Trust Profiles

​Configuration

How Gates Work

Basic Usage

Decision Object

Trust Profiles

Configuration