Why agent identity matters
As agents move from chat to action, teams need to know who the agent acts for, what it was allowed to do, which policy applied, and what proof exists after the action.
Contextus schema
A lightweight schema for attaching agent identity, capability scopes, lifecycle status, and proof metadata to governed AI agent actions.
It is a practical schema for teams using Contextus to govern agent workflows through the API, CLI, SDK, and MCP adapter.
Customer outcome
As agents move from chat to action, teams need to know who the agent acts for, what it was allowed to do, which policy applied, and what proof exists after the action.
A passport can carry agent identity, owner identity, lifecycle status, capability scopes, risk thresholds, approval requirements, MCP metadata, and proof metadata for governed actions.
Contextus can link a governed action to an agent, owner, tool, policy decision, approval event, and proof record so the workflow becomes attributable, scoped, revocable, and reviewable.
MCP metadata can attach agent, owner, policy decision, and proof record to governed tool calls so teams can trace action back to the workflow.
Contextus can expose an A2A-style Agent Card compatibility view as metadata so teams can represent agent identity in familiar structures.
The schema is intended to stay practical: export/import, MCP attachment, revoked or suspended states, A2A-style metadata preview, and proof-linked action envelopes.
What it includes
Example JSON
{
"schema": "contextus.agent_passport/v1",
"agent": {
"id": "agent_deploy_bot",
"name": "Deploy Bot",
"owner": {
"type": "team",
"id": "platform-engineering"
},
"status": "active"
},
"capabilities": {
"allowed_actions": ["read_repo", "open_pr", "run_checks"],
"approval_required": ["deploy", "delete_data", "external_network"],
"max_risk": "medium"
},
"bindings": {
"mcp": {
"server_id": "repo-tools",
"tool_scope": "workspace"
},
"a2a_agent_card_preview": {
"supported": true,
"orchestration": false
}
},
"proof": {
"action_envelope_required": true,
"include_policy_decision": true,
"include_approval_event": true
}
}Where teams use it
Connect file writes, shell commands, and pull-request actions to the agent and owner responsible for the workflow.
Attach agent scope, policy decision, approval state, and proof metadata to governed MCP tool calls.
Give reviewers a clean record of which agent acted, what it was allowed to do, and how the decision was recorded.
Use active, suspended, revoked, and expired states to keep agent access aligned with team policy.
Developer surfaces
Agent Passport attaches agent identity, owner identity, scopes, lifecycle state, policy decisions, and proof metadata to governed actions inside Contextus workflows.
MCP metadata can carry the agent, owner, policy decision, approval state, and proof record for governed tool calls so teams can review who acted and why the action was allowed or held.
Contextus can map Agent Passport metadata into an A2A-style Agent Card view so teams can represent agent identity, capabilities, and lifecycle status in a portable shape.
Agent identity is managed inside governed Contextus workflows, where it can be linked to owners, policy decisions, approvals, and proof records.