UnaFonte
Back to homeGet Started
Agent CredentialsMenu

Agent Credentials

Agent credentials let you register AI agents under your verified UnaFonte identity. Each agent carries a credential that proves "a real, verified human authorized this agent" — without exposing who that human is.

Why Register Agents?

As agents start transacting with services, booking things, and executing tasks autonomously, services need a fast way to verify there's an accountable human behind an agent. UnaFonte is already the identity root — agents are just another branch.

What a Credential Looks Like

When you register an agent, UnaFonte generates a signed, opaque token:

text
uf_agent_7kX9mP2vLqR4nT8wB5jY1cD6fH3gA0

The credential contains an encoded reference to your registered agent, but carries zero PII. Services that verify it see only:

  • The agent's name and status
  • That a verified human exists behind it
  • The verification level (government ID)
  • The country of verification

Services never see your name, email, username, or any identifying information. Privacy by architecture.

Registering an Agent

  1. Go to Dashboard → Agents
  2. Click New Agent
  3. Enter a name ("My Shopping Agent", "Content Poster", etc.)
  4. Optionally add a description and platform (LangChain, CrewAI, Claude, etc.)
  5. Click Create
  6. Copy the credential token — it's shown only once

Save the credential immediately

UnaFonte stores only a SHA-256 hash of the credential, never the raw token. If you lose it, you have to revoke the agent and register a new one. Copy it to a password manager or secrets vault as soon as you see it.

Using the Credential

Configure your agent to include the credential in its outgoing requests. Most agents add it as a header or a custom field when calling services. When a service wants to verify it, they POST to:

bash
curl -X POST https://unafonte.com/api/agents/verify \
  -H "Content-Type: application/json" \
  -d '{"credential": "uf_agent_7kX9mP2vLqR4nT8wB5jY1cD6fH3gA0"}'

Response:

json
{
  "valid": true,
  "agent": {
    "id": "ag_abc123",
    "name": "My Shopping Agent",
    "registeredAt": "2026-03-15T10:00:00Z",
    "status": "active"
  },
  "owner": {
    "verified": true,
    "verificationLevel": "government_id",
    "verifiedAt": "2026-01-15T10:00:00Z",
    "country": "US"
  }
}

Revoking an Agent

If an agent is compromised, retired, or no longer needed, revoke it immediately from Dashboard → Agents. Revocation takes effect instantly — the next verification call will return valid: false with reason credential_revoked.

Services may cache verification results

UnaFonte doesn't cache verification results on our side, but services checking your agents may cache their own results for a short time. Revocation is immediate at UnaFonte but may take a few seconds to propagate through third-party caches.

Requirements

Agent registration requires a verified identity. The whole value proposition is that agent credentials trace back to a verified human — letting unverified users register agents would undermine that. If you haven't completed identity verification, do that first.

Public Profile Display

Registered agents show on your public profile in the Registered Agents section. Each agent appears with its name, platform, and status. Descriptions stay private — only the name and platform are public.