Every agent one key one door. Agents that know what not to touch
Experience
Every AI agents gets its own cryptographic identity derived from your account. Each one sees only what you decided it should see. Not filtered after fetching. Never fetched at all.
One API call creates 1000 child agents simultaneously. Each inherits a unique identity, carries only its assigned scope, and expires automatically when task is done.
Your billing agent never sees your credit card. Your invoice checker never touches your salary. Not because we ask it nicely. Becaus the architecture makes it impossible. at the query level
Every agent action is logged and cryptographically chaned to the previous entry. Every spawn, every access, every denial. Tamper-evident and suitable for SOC2, HIPAA and ISO 27001 audits.
Embe one script tag and publish your permission schema. Tell agents exactly what they are allowed to access on your platform brfore thet even knock the door. this is the permission layer for the agentic internet.
Monitor all agent activities in real-time with our intuitive dashboard. Gain insights into your system's performance and ensure compliance with regulatory requirements. See denied attempts
Receive your parent identity token with max permissions to spawn agents and assign scopes.
One API call creats as many child agents as you need. Each with its own identity and only the permissions you assigned.
Each agent accesses only what you allowed it to. If it tries to do more, it gets denied and the attempt is logged in the audit chain.
Auth0 and Okta were built for humans. They map one identity to one account. JitJab was built for agents. One parent account spawns thousands of child identities, each scoped to exactly what it needs, each expiring automatically. You cannot bolt this onto existing auth systems. It has to be built from scratch. We did.
It gets blocked before any data is fetched from the database. Not filtered after the fact. The query is never made. The data is never touched. The attempt is logged permanently in your cryptographic audit chain and you can see it in your dashboard in real time.
Never. Child agent tokens are derived on demand and returned to you. They are never written to any database. If someone breached our servers they would find no agent tokens. They exist only in flight and in the application using them.
Free tier supports 10 agents per call and 100 per month. Builder supports 500 per call and 10,000 per month. Scale supports 10,000 per call and 500,000 per month. Enterprise has no practical limit. Every agent expires within 24 hours and creates zero standing permissions.
Yes. Every agent action is recorded in a cryptographically chained audit log where tampering is mathematically detectable. The audit trail is suitable for SOC2, HIPAA, and ISO 27001 audits. Enterprise plans include dedicated compliance reports, SIEM integration, and on-premise deployment options.
The collaborative approach they took was refreshing and effective
