AIB Cloud — Managed identity for your AI agents

The problem you have today

Every AI protocol built its own identity layer. You're managing 4 systems that don't talk to each other.

Today

MCP credentials managed separately from A2A
Revoking an agent = 4 different dashboards
Audit trail ends at every protocol boundary
"Which agent did this?" — depends which log you check
New protocol = another credential system to build

With AIB Cloud

One passport per agent, valid on all protocols
Revoke once → disabled everywhere in < 5ms
One trace ID follows requests across all protocols
Dashboard shows every action, every agent, real-time
New protocol = 1 config change, zero code

Integrate in 5 minutes or 1 day

Four patterns. Pick the one that fits your architecture. No lock-in — switch anytime.

5 MINUTES

SDK client

Import AIBClient, create a passport, send requests. Protocol detection, credential injection, and audit logging are automatic. 5 lines of Python.

1 HOUR

Gateway proxy

Run aib serve as a sidecar. Change the URL your agents call — that's it. Zero code changes. The gateway handles detection, credentials, and logging.

1 DAY

OIDC binding

Register AIB in your Identity Provider. Agents authenticate via Entra/Okta/Auth0, receive an AIB passport. Capabilities from roles. No new identity system to manage.

1 FILE

Custom protocol

Got a protocol we don't support? Drop a Python file in aib/bindings/. Three methods, ~50 lines. Auto-discovered on startup.

SDK — create passport + send requestPython

from aib.client import AIBClient client = AIBClient(api_key="aib_sk_...") # or gateway_url for self-hosted passport = client.create_passport(org="mycompany", agent="booking", protocols=["mcp", "a2a"]) result = client.send("https://partner.com/agent", {"task": "Book 3pm"}) print(result.protocol) # "a2a" — auto-detected print(result.trace_id) # one ID across all protocols

OIDC — plug into Microsoft EntraPython

from aib.oidc import OIDCProvider, OIDCBridge, ENTRA_PRESET provider = OIDCProvider( name="entra", issuer_url="https://login.microsoftonline.com/{tenant}/v2.0", client_id="your-aib-app-id", claim_mapping=ENTRA_PRESET["claim_mapping"], ) result = OIDCBridge(provider).exchange(entra_token) # result.capabilities = ["booking"] ← from Entra roles # result.protocols = ["mcp", "a2a"] ← from Entra groups

Everything you need, nothing you don't

Built for production. Every feature has tests. Every attack vector has a mitigation.

Agent Passport

One identity, all protocols. RS256 signed. Three tiers: permanent, session, ephemeral. Cascade revocation.

Credential Translator

A2A ↔ MCP ↔ DID automatic conversion. Input + output validated against injection attacks.

Gateway Proxy

Auto-detection, credential injection, SSRF defense. Adds < 3ms. Scales to 50K req/s.

Audit Dashboard

Every action logged with cryptographic receipts. Merkle Tree proofs. Real-time monitoring.

OIDC Integration

Entra, Okta, Auth0, Keycloak. Your agents use your existing IdP. No new identity system.

Multi-Signature

M-of-N signing policy. Gateway + OIDC + admin. Forging requires M keys.

Auto Key Rotation

90-day scheduled. Emergency rotation with instant revocation. Zero downtime.

GDPR Compliance

Crypto-shredding, PII guard, portability export, consent tracking. CNIL-validated approach.

Plugin System

New protocol = 1 file. Auto-discovered. 4 built-in (MCP, A2A, ANP, AG-UI).

Simple pricing

The protocol is free forever. The managed service is what you pay for.

Community

0€

Self-hosted gateway
MCP + A2A protocols
CLI + SDK
1,000 tx/month
Community support

Self-host free

Pro

99€ /month

Managed cloud gateway
All 4 protocols + plugins
OIDC binding
100,000 tx/month
Dashboard + audit 90d
Multi-sig + auto-rotation
Email support 48h

Coming soon

Enterprise

Custom

Dedicated infrastructure
Unlimited transactions
SIEM + SSO/SAML
Crypto-shredding GDPR
Merkle anchoring
SLA + onboarding

Stop managing 4 identity systems