Skip to main content
A Passport is a signed credential that an AI agent carries to prove its identity and permissions.

What’s in a Passport?

A Passport contains:
  • Identity — What the agent is (agent ID, type, metadata)
  • Issuer — Who vouches for the agent (self, internal, verified, or certified)
  • Permissions — What the agent is allowed to do (action + resource + constraints)
  • Proof — Cryptographic signature proving authenticity

Example Passport

{
  "uni_version": "1.1.0",
  "passport_id": "uni_abc123",
  "identity": {
    "agent_id": "agent:my-agent",
    "type": "assistant"
  },
  "permissions": [
    {
      "action": "mcp:*",
      "target": null
    }
  ],
  "provenance": {
    "issuer": {
      "id": "issuer:acme",
      "type": "verified"
    },
    "issued_at": "2026-01-25T00:00:00Z",
    "expires_at": "2026-01-26T00:00:00Z"
  },
  "public_key": "base64...",
  "signature": "base64..."
}

Issuer Tiers

TierDescription
selfAgent issued its own passport (dev/test only)
internalIssued by an internal/organizational authority
verifiedIssued by a verified third-party
certifiedIssued by a certified authority

Creating Passports

from uniplex import Passport

# Self-issued (L1 only)
passport = Passport.create_self_issued(
    agent_id="my-agent",
    permissions="mcp:*",
    ttl_hours=24
)

# Verify signature
assert passport.verify_signature()

# Check permissions
passport.has_permission("mcp:search")  # True

Using the Agent Helper

The Agent class provides a simpler API for common tasks:
from uniplex import Agent

agent = Agent.create("my-agent", permissions="mcp:*")

# Quick permission check
if agent.can("mcp:search"):
    print("Allowed!")

# Full authorization
decision = agent.authorize("mcp:search")

Serialization

Passports can be serialized to JSON for transport:
# To JSON
json_str = passport.to_json()

# From JSON
passport = Passport.from_json(json_str)

# From environment variable
passport = Passport.from_env("UNIPLEX_PASSPORT")