frontpage.

Show HN: Grantex–Open authorization protocol for AI agents(IETF draft submitted)

2•mishrasanjeev•1h ago

AI agents are being deployed to schedule meetings, write code, manage infrastructure, and transact on behalf of users. But there's no standard way to authorize what an agent can do, audit what it did, or revoke access when something goes wrong. Most teams are hacking together API keys and custom RBAC — none of it is portable, auditable, or revocable at the agent level.

  Grantex is an open delegated authorization protocol designed specifically for AI agents. Think of it as OAuth 2.0 for the agentic era: a principal     
  (human or organization) grants an agent scoped, time-limited permissions via signed JWT tokens. Every action is auditable. Permissions can be revoked  
  instantly — including cascade revocation across delegation chains when one agent delegates to another.

  What makes it different:

  - Standards-track: We submitted an IETF Internet-Draft (draft-mishra-oauth-agent-grants-01) to the OAuth Working Group and filed a public comment with 
  NIST NCCoE on AI agent authorization.

  - Production-ready: 30+ packages across TypeScript, Python, and Go. Integrations for LangChain, OpenAI Agents SDK, Google ADK, CrewAI, Vercel AI, MCP, 
  and more. 679 tests. Deployed on Google Cloud Run.

  - Enterprise features: SOC 2 Type I certified. Security audited by Vestige Security Labs (all findings remediated). Policy engine integration with OPA 
  and Cedar. Budget controls with atomic debit. Prometheus metrics + OpenTelemetry tracing.

  - Self-hostable: Apache 2.0 licensed. Docker Compose for local dev, Helm chart for Kubernetes, Terraform provider for infrastructure-as-code.

  Quick start:

    npm install @grantex/sdk
    pip install grantex
    go get github.com/mishrasanjeev/grantex-go

  GitHub: https://github.com/mishrasanjeev/grantex
  Docs: https://grantex.dev/docs
  Playground: https://grantex.dev/playground
  Protocol spec: https://github.com/mishrasanjeev/grantex/blob/main/SPEC.md
  IETF draft: https://datatracker.ietf.org/doc/draft-mishra-oauth-agent-grants/

  Happy to answer questions about the protocol design, the IETF process, or implementation details.

Show HN: Giggles – A batteries-included React framework for TUIs

Curl documentation bans the word 'very'

Building an Open-Source Verilog Simulator with AI: 580K Lines in 43 Days

Iran's Cryptic Shortwave Messages [video]

Entry-level PC market to 'disappear' by 2028 – memory prices strain PC market

How to Recover Your Stolen Crypto After a Scam–Guidance from Intelligence Wizard

Show HN: Autonoma – Python secret fixer that refuses unsafe fixes

The Excommunicated Devs Making Games with AI

Ask HN: What Online LLM / Chat do you use?

CKAN – an open-source DMS (data management system)

My (Hypothetical) SRECon26 Keynote

Prompt Vault – Save and organize your AI prompts ($9 Pro)

Show HN: An Auditable Decision Engine for AI Systems

How to Recover Your Stolen Crypto After a Scam–Guidance from Intelligence Wizard

Do AI Agents Make Money in 2026? Or Is It Just Mac Minis and Vibes?

Underground Salt Caverns Are Preserving Our History

One-Stop Wan AI Video and Image Generator Platform

Show HN: Ask Mob

Show HN: A Kotlin Multiplatform app that works on watch, CLI, browser extension

NY bill would prohibit AI chatbots from giving legal advice

Show HN: Generate random, valid US residential addresses for testing

Unbound Video AI is the most unrestricted AI video tool I've tried in 2026

A timeline of cyber attacks:home users, contractors, and SMBs are now targets

Iran unleashes Shahed drones aimed at targets across Middle East

Shutting down, open sourced private AI document server

Zuckerberg's internal emails rendered as Facebook Messenger

Daily LNG freight rates jump over 40% amid Mideast strikes

Solar Time vs. Standard Time heat map chart

Show HN: One-click ComfyUI setup for RTX 50-series on Windows (cu130, no Docker)

Ask HN: Codex CLI error reveals "GPT-5.4-ab-arm2" string

Show HN: Grantex–Open authorization protocol for AI agents(IETF draft submitted)

Show HN: Giggles – A batteries-included React framework for TUIs

Curl documentation bans the word 'very'

Building an Open-Source Verilog Simulator with AI: 580K Lines in 43 Days

Iran's Cryptic Shortwave Messages [video]

Entry-level PC market to 'disappear' by 2028 – memory prices strain PC market

How to Recover Your Stolen Crypto After a Scam–Guidance from Intelligence Wizard

Show HN: Autonoma – Python secret fixer that refuses unsafe fixes

The Excommunicated Devs Making Games with AI

Ask HN: What Online LLM / Chat do you use?

CKAN – an open-source DMS (data management system)

My (Hypothetical) SRECon26 Keynote

Prompt Vault – Save and organize your AI prompts ($9 Pro)

Show HN: An Auditable Decision Engine for AI Systems

How to Recover Your Stolen Crypto After a Scam–Guidance from Intelligence Wizard

Do AI Agents Make Money in 2026? Or Is It Just Mac Minis and Vibes?

Underground Salt Caverns Are Preserving Our History

One-Stop Wan AI Video and Image Generator Platform

Show HN: Ask Mob

Show HN: A Kotlin Multiplatform app that works on watch, CLI, browser extension

NY bill would prohibit AI chatbots from giving legal advice

Show HN: Generate random, valid US residential addresses for testing

Unbound Video AI is the most unrestricted AI video tool I've tried in 2026

A timeline of cyber attacks:home users, contractors, and SMBs are now targets

Iran unleashes Shahed drones aimed at targets across Middle East

Shutting down, open sourced private AI document server

Zuckerberg's internal emails rendered as Facebook Messenger

Daily LNG freight rates jump over 40% amid Mideast strikes

Solar Time vs. Standard Time heat map chart

Show HN: One-click ComfyUI setup for RTX 50-series on Windows (cu130, no Docker)

Ask HN: Codex CLI error reveals "GPT-5.4-ab-arm2" string