Agent Permissions API
Register agents, define delegations, and request payment permission via the AffixIO control plane. Your system calls the API; AffixIO returns allow, deny, or allow with limits and a verifiable proof.
Quickstart
Use the v1 base URL: https://api.affix-io.com/v1. Authenticate with X-AffixIO-Key or Authorization: Bearer <api_key>.
Create an organisation and API key
Create an org with POST /v1/orgs and an API key with POST /v1/api-keys. Use the key for all subsequent requests.
Register an agent
POST /v1/agents with name, type, and ownerOrgId. Then POST /v1/agents/:agentId/credentials to issue credentials. Store the returned agent_id.
Create a delegation
POST /v1/delegations with agent_id, permissions, merchant_constraints, amount_limits, currency_limits, and optional validity_window. This defines what the agent is allowed to do.
Request payment permission
When the agent needs to trigger a payment, call POST /v1/nior/agent/permission with agent_id, device_id, delegation_id, and payment intent details. The response includes action (ALLOW, DENY, ALLOW_WITH_LIMITS, etc.), reason_codes, proof_id, and expires_at.
Authorise only if permitted
If action is ALLOW or ALLOW_WITH_LIMITS, call POST /v1/payment-intents/:paymentIntentId/authorise. If DENY, do not proceed. Store proof_id with the transaction for audit.
Example: permission request
curl -X POST https://api.affix-io.com/v1/nior/agent/permission \
  -H "Authorization: Bearer $AFFIXIO_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "agt_5d1f9b3a",
    "device_id": "dev_8c2e6a4f",
    "delegation_id": "dlg_2b8e4a7c",
    "payment_intent": {
      "merchant_id": "mer_3c7a1b9f",
      "amount": 1850,
      "currency": "GBP",
      "channel": "online"
    }
  }'
Response shape: decision_id, allowed, action, reason_codes, policy_id, delegation_id, max_amount, currency, requires_step_up, proof_id, audit_event_id, expires_at.
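Added example (not AffixIO's code): a client-side gate that fails closed on the permission response before the authorise call is made. It assumes expires_at is an ISO 8601 timestamp with a timezone, max_amount is in the same units as the intent amount, and requires_step_up means further verification is needed first; the sample response is constructed.

```python
from datetime import datetime, timezone

# The only two actions the page says may proceed to authorise.
PERMITTED_ACTIONS = {"ALLOW", "ALLOW_WITH_LIMITS"}

def may_authorise(decision, intent, delegation_id, now=None):
    """Return (ok, reason). Anything missing or unexpected means do not authorise."""
    now = now or datetime.now(timezone.utc)
    if not isinstance(decision, dict):
        return False, "malformed_response"
    action = decision.get("action")
    if action not in PERMITTED_ACTIONS:  # DENY and any unknown action
        return False, f"action_not_permitted:{action}"
    if decision.get("delegation_id") != delegation_id:
        return False, "delegation_mismatch"  # decision is for another delegation
    if not decision.get("proof_id"):
        return False, "missing_proof_id"  # nothing to store for audit
    if decision.get("requires_step_up"):  # assumed meaning: verify further first
        return False, "step_up_required"
    try:
        # Assumed format: ISO 8601 with timezone, e.g. 2030-01-01T00:00:00Z
        expires = datetime.fromisoformat(str(decision["expires_at"]).replace("Z", "+00:00"))
        if expires.tzinfo is None:
            raise ValueError("naive timestamp")
    except (KeyError, ValueError):
        return False, "bad_expires_at"
    if expires <= now:
        return False, "decision_expired"
    if action == "ALLOW_WITH_LIMITS":
        cap = decision.get("max_amount")
        if decision.get("currency") != intent["currency"]:
            return False, "currency_mismatch"
        if not isinstance(cap, int) or intent["amount"] > cap:
            return False, "amount_over_limit"
    return True, "ok"

# Constructed sample data, matching the request shown in the curl example.
SAMPLE_INTENT = {"merchant_id": "mer_3c7a1b9f", "amount": 1850,
                 "currency": "GBP", "channel": "online"}
SAMPLE_DECISION = {"action": "ALLOW_WITH_LIMITS", "delegation_id": "dlg_2b8e4a7c",
                   "max_amount": 2000, "currency": "GBP", "requires_step_up": False,
                   "proof_id": "prf_constructed_01", "expires_at": "2030-01-01T00:00:00Z"}

if __name__ == "__main__":
    ok, reason = may_authorise(SAMPLE_DECISION, SAMPLE_INTENT, "dlg_2b8e4a7c")
    print(ok, reason, SAMPLE_DECISION["proof_id"] if ok else "")
```

Persist proof_id alongside the transaction record only after the gate returns ok, and log the reason string on every refusal.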
Core endpoints
POST /v1/agents – Create agent
GET /v1/agents/:agentId – Get agent
POST /v1/agents/:agentId/credentials – Issue credentials
POST /v1/delegations – Create delegation
POST /v1/delegations/:delegationId/revoke – Revoke delegation
POST /v1/trust/check – Trust check
POST /v1/nior/policy/decide – Policy decision
POST /v1/nior/agent/permission – Agent permission (main gate)
POST /v1/payment-intents – Create payment intent
POST /v1/payment-intents/:id/authorise – Authorise (after permission allowed)
Full list and request/response schemas: api.affix-io.com/docs and /v1/openapi.json.