Give every AI agent a cryptographic identity, scoped permissions, and an audit trail. Plugs into your existing auth stack.
pnpm add kavachos

How it works
With KavachOS: Human (logs in) → Your app (session active) → AI agent (kv_... token)
Without: Human (logs in) → Your app (session) → AI agent (no identity) → MCP server (wide open)
Features
01 Agent identity
SHA-256 hashed, shown once, rotatable. Each agent is a first-class identity.
kv_a3f8c2...e91b
02 Permission engine
Rate limits, time windows, IP allowlists, and human-in-the-loop approval gates.
03 Delegation chains
Pass a strict subset of permissions to a sub-agent. Depth limits and expiry built in.
04 Audit trail
Query by agent, action, or outcome. Export to JSON or CSV for compliance.
05 MCP OAuth 2.1
Full authorization server for Model Context Protocol with PKCE S256.
06 Framework adapters
Core has zero deps. Adapters for seven frameworks and any JS runtime.
Why now
41% of MCP servers have zero auth (Bitsight 2025)
97M monthly MCP SDK downloads (npm)
10K+ MCP servers deployed (Linux Foundation)
Aug 2026: EU AI Act enforcement (Article 12)
Comparison
| Feature | KavachOS | better-auth | DIY |
|---|---|---|---|
| Agent-first identity | | × | depends |
| Wildcard permissions | | × | depends |
| Delegation chains | | × | × |
| MCP OAuth 2.1 | | × | × |
| Immutable audit | | partial | × |
| Token rotation | | × | × |
| Framework agnostic | | | |
TypeScript, MIT licensed, works with any auth provider.