---
title: "Identity"
category: "identity"
count: 17
---

# Identity

Credentials, trust signals, delegation, revocation, and reputation for AI agents.

Offerings: 17

| Company | Status | What you get | credential_type | who_accepts | delegation_model | revocation | reputation_model | Last checked |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| [Agentic Fabriq](/companies/agentic-fabriq) | live | Agents get a unique managed identity tied to a delegating user, with scope-based permissions, a credential vault the agent never touches directly, and centralized audit logging of every call the agent makes. | Managed agent identity with credential vault | not published | Agents act on behalf of a specific user and are constrained to that user's granted permissions | Instant revocation and policy control from a central console | not published | 2026-07-05 |
| [AgentID](/companies/agentid) | live | Each agent gets a cryptographic certificate (Ed25519, ECDSA, or secp256k1 keys) that others can verify with a single API call, with a four-tier trust level system (L1-L4) that gates permissions and spending authority based on key binding and entity verification. | Cryptographic certificate (Ed25519 / ECDSA P-256 / secp256k1 key-bound), anchored on Solana | Agents built with LangChain, CrewAI, AutoGen, and OpenAI Agents | not published | not published | Four-tier trust level system (L1-L4) based on key binding, wallet binding, and entity verification | 2026-07-05 |
| [AgentRank](/companies/agentrank) | live | A public index and API that scores and ranks agents using verified on-chain settlement data, weighted by payer credibility, rather than self-reported claims or endorsements. | not published | not published | not published | not published | Settlement-grounded ranking derived from on-chain payment history, weighted by payer standing and stress-tested against collusion and sybil attacks. | 2026-07-05 |
| [AgentStamp](/companies/agentstamp) | live | Agents get an Ed25519-signed identity certificate (Bronze, Silver, or Gold tier) plus a 0-100 reputation score, with the option to export the credential as a W3C Verifiable Credential or an A2A-compatible passport. | Ed25519-signed stamp, exportable as W3C Verifiable Credential or A2A passport | not published | not published | not published | 0-100 score combining self-reported and independently verified trust signals, with peer vouching from established agents capped at 20 points per single-hop endorsement | 2026-07-05 |
| [APort](/companies/aport) | live | Agents get a passport, a W3C DID/VC based identity document declaring the agent's capabilities, that other systems can verify before authorizing an action, plus cryptographically signed (Ed25519) allow or deny decision records for audit. | W3C DID/VC based agent passport | Claude Code, Cursor, LangChain, LangGraph, CrewAI, OpenAI-based agents, MCP tools | not published | not published | Passport tracks declared agent capabilities and a running audit log of signed authorization decisions rather than a public trust score. | 2026-07-05 |
| [AstraSync](/companies/astrasync) | live | Agents get an ASTRA-ID, a portable agent card, and a dynamic trust score, registered and verified through the Know Your Agent API and SDKs. | ASTRA-ID agent card (ERC-8004-based), with support for mapping external DID, Verifiable Credential, SD-JWT, and X.509 credentials to the ASTRA-ID as primary anchor | A2A (Agent2Agent) counterparties, MCP endpoints, Commerce protocol integrators declaring ACP, AP2, UCP, VI, Agent Pay, x402, or TAP support | Agent cards declare a PDLSS permission envelope (Purpose, Duration, Limits, Scope, Self-instantiation) set immutably at registration | No active revocation endpoint documented; lifecycle control is via deactivation, which moves an agent to a deactivated state while preserving audit history | Trust score from 0 to 100, computed at runtime from metadata completeness, KYD verification status, observed runtime behavior, and blockchain-recorded verification events | 2026-07-05 |
| [AXIS Trust (AXIS T-Score)](/companies/axis-trust-axis-t-score) | live | An agent registers to receive a permanent AUID and a T-Score, a 0-1000 behavioral trust rating placing it into one of five tiers (T1 Untrusted to T5 Sovereign), computed from timestamped, immutable behavioral event data rather than self-reported attestations. The score can be queried via API and displayed as a public trust profile in the AXIS agent directory. | AUID (Agent Universal Identifier) | AXIS agent directory, systems that query AXIS T-Score via API | not published | not published | Behavioral trust score (T-Score) on a 0-1000 scale across 11 dimensions including task completion, instruction adherence, data handling, and security posture, placing agents into tiers T1 (Untrusted) through T5 (Sovereign); computed from verified, timestamped, immutable event data submitted to AXIS. | 2026-07-05 |
| [Dock Labs (Truvera)](/companies/dock-labs-truvera) | live | Agents get a W3C verifiable credential that identifies them and encodes a delegated-authority grant from the authorizing user, including scope, spending caps, merchant restrictions, and expiration, which a merchant or platform can verify via API in real time. | W3C Verifiable Credential (identity credential plus delegated-authority credential) | Merchants and platforms integrating Truvera's verification API | Time-bound, scoped delegated-authority credentials specifying spending limits, merchant scope, and data access rules issued by the authorizing user to the agent. | Instant revocation of credentials across all agents without code changes. | not published | 2026-07-05 |
| [KnowThat.ai](/companies/knowthat-ai) | live | Operators can look up an AI agent's verification status and trust score, and can report on an agent's behavior to a shared, community-built reputation history. | MCP-I identity signal | MCP servers, operators vetting agent access | not published | not published | Community-reported behavior history aggregated into a per-agent trust score, contributed by reporting operators. | 2026-07-05 |
| [RNWY](/companies/rnwy) | live | An agent registers via web form, API, or self-registration and receives a soulbound (non-transferable) token minted to its controlling wallet, plus a public profile and an algorithmic trust score derived from on-chain activity, wallet age, and transaction patterns. | ERC-5192 soulbound token identity, with attestations recorded via Ethereum Attestation Service on the Base blockchain | RNWY's own trust-score API and AI Observatory directory, ERC-8004 ecosystem participants | Credential is minted directly to the wallet an agent or its operator controls; the site describes support for both human-operated and autonomously self-registering agents. | The token cannot be transferred or revoked by an external authority; only the holder can burn it, by design, to prevent reputation laundering. | Algorithmic trust score and tier classification based on on-chain activity history, wallet age, and transaction patterns, with sybil detection and explainable scoring methodology. | 2026-07-05 |
| [Skyfire](/companies/skyfire) | live | Agents get a portable verified identity token for access, login, and agent protocol interactions. | KYA token | not published | not published | not published | not published | 2026-07-05 |
| [Sumsub](/companies/sumsub) | live | Businesses get a Know Your Agent (KYA) product that detects automated and agent-driven activity, risk-scores it, and binds verified AI agent actions to a verified human identity for accountability and revocation. | Human-bound verification (liveness verification plus device intelligence, not a standalone agent credential) | Sumsub customers in fintech, payments, e-commerce, and ticketing | Human-delegated authentication: an agent's authority derives explicitly from a verified human, creating an accountability chain from agent to verified user to facial identity | Revocation is tied to the bound human identity: if the verified person is banned or blocklisted, the linked automation is banned as well | Continuous behavioral and contextual risk scoring across the customer lifecycle, used to allow, limit, or challenge automated activity | 2026-07-05 |
| [T54 Labs](/companies/t54-labs) | live | Agents get a verified identity credential covering developer and business verification, model provenance, human-agent binding, and intent attestation, marketed as Know Your Agent (KYA). | Know Your Agent (KYA) verification | not published | Binds an agent's actions to a verified human or business operator and attests to transaction intent | not published | not published | 2026-07-05 |
| [Vouched](/companies/vouched) | live | Agents enrolled in Vouched's Know Your Agent suite receive a did:cheqd decentralized identifier and W3C verifiable credentials anchored on the cheqd network, cryptographically linking the agent back to a verified human or organizational owner. Vouched also offers Agent Checkpoint, which detects agentic traffic on a site, applies access policies, and governs delegated permissions, plus KnowThat.ai, a public registry for discovering and checking the reputation of agents before interacting with them. | did:cheqd DID with W3C verifiable credentials (DID-Linked Resources on the cheqd network) | Sites and platforms using Vouched Agent Checkpoint to gate agentic traffic, Organizations querying the KnowThat.ai registry | Each agent DID is cryptographically linked back to the verified human or organization that authorized it, using hierarchical Decentralised Trust Chains from a root authority through accredited organizations to individual agents. | Credentials support suspension and revocation with tamper-evident, on-chain history maintained on the cheqd network. | KnowThat.ai maintains verifiable, time-stamped interaction logs used to evaluate agent reputation before enabling interaction. | 2026-07-05 |
| [Experian Agent Trust](/companies/experian) | announced | Businesses get a Know Your Agent (KYA) framework that issues an Agent Trust Token binding a verified consumer, their device, and an AI agent acting on their behalf, plus an Agent Registry that scores agent behavior and risk over time. | Agent Trust Token | not published | Human-to-agent binding linking a verified consumer, device, and agent | not published | Agent Registry tracking agent behavior and risk signals over time | 2026-07-05 |
| [Trulioo](/companies/trulioo) | announced | Trulioo has published a Know Your Agent (KYA) framework and a proposed Digital Agent Passport (DAP) credential intended to verify the developer, code integrity, user consent, and transaction authorization of an AI agent, and is working with Google to fit this into the AP2 agent payments protocol. | Digital Agent Passport (proposed) | Google AP2 ecosystem partners | not published | not published | not published | 2026-07-05 |
| [Chimoney](/companies/chimoney) | dead | Agents got a W3C DID based digital passport (the APort passport) with KYC and KYB built in, attached to a Chimoney agent wallet for identity verification. | W3C DID based digital passport | not published | Passports were attached to individual agent wallets created via API. | not published | not published | 2026-07-05 |

