Documentation
¶
Overview ¶
Command agentauth-server runs a unified authorization server that combines the AAuth Person Server (human consent) and the ID-JAG Authorization Server (automated token exchange) into a single deployable binary.
Usage:
agentauth-server [flags]
The server exposes endpoints for both protocols:
AAuth Person Server endpoints (human consent):
GET /.well-known/aauth-configuration - Discovery metadata
POST /aauth/authorize - Request authorization
GET /aauth/consent/{id} - Consent page
POST /aauth/consent/{id} - Submit consent
GET /aauth/consent/status/{id} - Poll consent status
POST /aauth/token - Token endpoint
ID-JAG Authorization Server endpoints (automated):
GET /.well-known/oauth-authorization-server - Discovery metadata
POST /oauth/token - Token exchange
POST /oauth/introspect - Token introspection
POST /oauth/revoke - Token revocation
Shared endpoints:
GET /.well-known/jwks.json - Public key set
Example:
# Start server with default settings (in-memory database) agentauth-server # Start with persistent SQLite database agentauth-server --db ./agentauth.db # Start with custom port and issuer agentauth-server --port 9000 --issuer https://auth.example.com
Click to show internal directories.
Click to hide internal directories.