
Predicate Authority Overview

predicate-authority is an authorization layer for AI agents. It evaluates actions before execution, issues short-lived mandates, and records proof events for audit and governance.

Identity -> Policy -> Decision -> Action -> Ledger


Core capabilities

  • Protect outbound API calls, browser actions, and tool execution.
  • Enforce policy with state and verification evidence.
  • Support revocation and operational controls with sidecar mode.
  • Preserve deterministic behavior with fail-closed defaults.
  • Support Okta/OIDC/Entra identity paths with strict claim/JWKS checks.
  • Keep delegation resilient with capability-gated IdP token exchange and mandate fallback.
  • Connect to control-plane (https://api.predicatesystems.dev) for centralized policy/audit.
  • Pull policy/revocation updates via control-plane long-poll sync (sync_token aware).
  • Enroll sidecars for fleet management and real-time revocation push (SSE).
  • Provide tamper-evident audit integrity proofs (tenant Merkle root + event inclusion proof).
  • Keep local sidecar logs ephemeral (24h TTL, redacted payloads) to encourage control-plane adoption.
  • Protect control-plane availability with store circuit-breaker fail-fast behavior.
  • Optionally stream governance events to Kafka for SIEM/audit fanout.
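
The audit-integrity bullet above names a tenant Merkle root plus a per-event inclusion proof. The following is an added example, not code from this page or from the predicate-authority project, showing how such a proof is built and checked in general: leaves are hashed with a domain-separation prefix so an interior node can never pose as an event, odd levels are padded by duplicating the last node, and a verifier recomputes the root from one event and its sibling path without seeing any other event. The event fields, the JSON canonicalization and the hash layout are assumptions for illustration; the project's actual proof encoding is not described on this page.

```python
import hashlib
import json
from typing import List, Tuple

# Domain separation: leaves and interior nodes get different prefixes so that
# an interior hash can never be presented as a leaf (or vice versa).
LEAF_PREFIX = b"\x00"
NODE_PREFIX = b"\x01"


def leaf_hash(event: dict) -> bytes:
    # Canonical JSON so the same event always hashes identically (assumed format).
    canonical = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(LEAF_PREFIX + canonical).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def build_levels(events: List[dict]) -> List[List[bytes]]:
    """Return every level of the tree, leaves first. Odd-sized levels are padded
    by duplicating the last node so every node has a sibling."""
    if not events:
        raise ValueError("cannot build a root over zero events")
    level = [leaf_hash(e) for e in events]
    levels: List[List[bytes]] = []
    while True:
        if len(level) > 1 and len(level) % 2 == 1:
            level = level + [level[-1]]
        levels.append(level)
        if len(level) == 1:
            return levels
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]


def tenant_root(events: List[dict]) -> str:
    """Hex root an operator would publish for a tenant's ledger segment."""
    return build_levels(events)[-1][0].hex()


def inclusion_proof(events: List[dict], index: int) -> List[Tuple[str, bytes]]:
    """Sibling path for events[index] as (side, sibling_hash) pairs, where side
    says on which side of the running hash the sibling is concatenated."""
    if not 0 <= index < len(events):
        raise IndexError("event index out of range")
    levels = build_levels(events)
    path, i = [], index
    for level in levels[:-1]:
        sibling = i ^ 1
        path.append(("right" if sibling > i else "left", level[sibling]))
        i //= 2
    return path


def verify_inclusion(event: dict, proof: List[Tuple[str, bytes]], root_hex: str) -> bool:
    """Recompute the root from a single event and its path; an auditor needs only
    the event, the proof and the published root."""
    h = leaf_hash(event)
    for side, sibling in proof:
        h = node_hash(h, sibling) if side == "right" else node_hash(sibling, h)
    return h.hex() == root_hex


# Constructed sample governance events (not real ledger data).
SAMPLE_EVENTS = [
    {"event_id": i, "principal": "agent:billing-bot", "action": "http.post",
     "resource": f"https://api.example.com/refunds/{i}",
     "decision": "allow" if i % 2 else "deny"}
    for i in range(5)
]

if __name__ == "__main__":
    root = tenant_root(SAMPLE_EVENTS)
    proof = inclusion_proof(SAMPLE_EVENTS, 4)
    print("root:", root)
    print("event 4 included:", verify_inclusion(SAMPLE_EVENTS[4], proof, root))
    # Flipping a deny to an allow after the fact must break the proof.
    tampered = dict(SAMPLE_EVENTS[4], decision="allow")
    print("tampered event included:", verify_inclusion(tampered, proof, root))
```

A proof is only as strong as the root's provenance: the tenant root has to reach the auditor over a channel the ledger operator cannot rewrite (signed, pinned, or published to the SIEM), otherwise a tampered ledger can simply ship a matching tampered root.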

IdP compatibility checks (Okta, Entra, OIDC)

Use capability-gated checks before production rollout to choose the delegation path safely:

  • If IdP token exchange/OBO is supported, use IdP-native delegation.
  • If not supported, use predicate-authority mandate delegation fallback.
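
As an added example of the capability-gated choice described above (not the project's own check, and not the commands the page refers to), the function below decides between the two paths from an IdP's OIDC discovery document plus a live exchange probe. The grant-type identifiers are the standard ones (RFC 8693 token exchange, RFC 7523 JWT bearer, which is what Entra's on-behalf-of flow sends); the path labels, the probe callback and the discovery documents are constructed for illustration. The decision is fail-closed: a grant counts only if it is both advertised and confirmed by the probe, so missing metadata, malformed metadata, or a tenant policy that rejects the exchange all land on the mandate fallback.

```python
from typing import Callable, List, Optional, Tuple

# Standard grant-type identifiers (not project-specific).
TOKEN_EXCHANGE = "urn:ietf:params:oauth:grant-type:token-exchange"  # RFC 8693
JWT_BEARER = "urn:ietf:params:oauth:grant-type:jwt-bearer"          # RFC 7523; Entra OBO sends
                                                                    # it with requested_token_use=on_behalf_of
# Hypothetical labels for the two paths named on this page.
IDP_NATIVE = "idp_native_delegation"
MANDATE_FALLBACK = "predicate_mandate_fallback"

# A probe attempts one delegation exchange against the IdP with throwaway
# credentials and returns the OAuth error code on failure, or None on success.
Probe = Callable[[str], Optional[str]]


def advertised_grants(discovery: dict) -> frozenset:
    """grant_types_supported from the discovery document, read fail-closed:
    a missing or malformed field is treated as advertising nothing."""
    grants = discovery.get("grant_types_supported")
    if not isinstance(grants, list):
        return frozenset()
    return frozenset(g for g in grants if isinstance(g, str))


def choose_delegation_path(discovery: dict, probe: Optional[Probe] = None) -> Tuple[str, List[str]]:
    """Pick IdP-native delegation only when a delegation grant is both advertised
    and confirmed by a live probe; every other outcome falls back to mandates."""
    notes: List[str] = []
    grants = advertised_grants(discovery)
    for grant in (TOKEN_EXCHANGE, JWT_BEARER):
        if grant not in grants:
            notes.append(f"{grant}: not advertised")
            continue
        if probe is None:
            notes.append(f"{grant}: advertised but unverified (no probe)")
            continue
        error = probe(grant)
        if error is None:
            notes.append(f"{grant}: advertised and probe succeeded")
            return IDP_NATIVE, notes
        # e.g. unsupported_grant_type, or invalid_grant when tenant policy blocks it
        notes.append(f"{grant}: advertised but probe failed with {error}")
    notes.append("no delegation grant verified; using mandate delegation")
    return MANDATE_FALLBACK, notes


# Constructed discovery documents and probe behaviours (not captured from any real IdP).
EXCHANGE_CAPABLE = {
    "issuer": "https://idp.example.com",
    "grant_types_supported": ["authorization_code", "refresh_token", TOKEN_EXCHANGE],
}
CODE_ONLY = {
    "issuer": "https://legacy-idp.example.com",
    "grant_types_supported": ["authorization_code", "refresh_token"],
}
MALFORMED = {"issuer": "https://broken-idp.example.com", "grant_types_supported": "yes"}


def working_probe(grant: str) -> Optional[str]:
    return None if grant == TOKEN_EXCHANGE else "unsupported_grant_type"


def policy_blocked_probe(grant: str) -> Optional[str]:
    # Advertised in metadata, but the tenant's app policy rejects the exchange.
    return "invalid_grant"


if __name__ == "__main__":
    for name, doc, probe in [("exchange-capable", EXCHANGE_CAPABLE, working_probe),
                             ("policy-blocked", EXCHANGE_CAPABLE, policy_blocked_probe),
                             ("code-only", CODE_ONLY, working_probe),
                             ("malformed", MALFORMED, working_probe)]:
        path, notes = choose_delegation_path(doc, probe)
        print(f"{name}: {path}")
        for note in notes:
            print("  -", note)
```

Run the check once per tenant and per environment rather than once per IdP vendor: the same IdP product can advertise token exchange globally while an individual tenant's application policy refuses it, which is exactly the case the probe catches.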

See runnable commands in:


Package model

  • predicate-contracts: typed shared contracts and protocols.
  • predicate-authority: policy engine, action guard, revocation, ledger.
  • predicate-authorityd: Rust-based sidecar daemon for policy evaluation and mandate signing.

Installation

Python SDK

# Core SDK only
pip install predicate-authority

# SDK with sidecar extra (use quotes for zsh compatibility)
pip install "predicate-authority[sidecar]"

# IMPORTANT: The binary is NOT downloaded automatically during pip install.
# You must manually download it:
predicate-download-sidecar

TypeScript SDK

npm install @predicatesystems/authority

# With sidecar binary (automatically included for your platform)
npm install @predicatesystems/authorityd

Sidecar binary (manual download)

Download pre-built binaries from GitHub Releases:

| Platform     | Binary                                   |
|--------------|------------------------------------------|
| macOS ARM64  | predicate-authorityd-darwin-arm64.tar.gz |
| macOS x64    | predicate-authorityd-darwin-x64.tar.gz   |
| Linux x64    | predicate-authorityd-linux-x64.tar.gz    |
| Linux ARM64  | predicate-authorityd-linux-arm64.tar.gz  |
| Windows x64  | predicate-authorityd-windows-x64.zip     |


Execution model

  1. Build ActionRequest from current agent context.
  2. Call ActionGuard.authorize(request) or sidecar equivalent.
  3. Execute action only when decision is allowed.
  4. Emit mandate + proof events for governance and forensics.

This keeps control decisions explicit and auditable for each action boundary.


Typical deny reasons

  • NO_MATCHING_POLICY
  • EXPLICIT_DENY
  • MISSING_REQUIRED_VERIFICATION
  • INVALID_MANDATE
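
The four-step execution model above and the deny reasons just listed are easiest to see together. The following is an added example, written for this page rather than taken from the predicate-authority SDK: a small fail-closed guard that matches a request against prefix policies, lets any matching deny override allows, requires the union of verifications demanded by the matching allow policies, issues a short-lived mandate bound to exactly one principal/action/resource, and refuses to execute when that mandate is missing, forged, replayed against a different resource, or expired. The ActionRequest and ActionGuard names mirror the page's step list, but their fields, the HMAC mandate format, the policy shape and the ledger event layout are assumptions for illustration, not the project's API.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass
from typing import Callable, List, Optional

# Deny reasons listed on this page.
NO_MATCHING_POLICY = "NO_MATCHING_POLICY"
EXPLICIT_DENY = "EXPLICIT_DENY"
MISSING_REQUIRED_VERIFICATION = "MISSING_REQUIRED_VERIFICATION"
INVALID_MANDATE = "INVALID_MANDATE"


@dataclass(frozen=True)
class ActionRequest:                              # hypothetical shape
    principal: str                                # agent identity, e.g. "agent:billing-bot"
    action: str                                   # e.g. "http.post"
    resource: str                                 # e.g. "https://api.example.com/refunds/42"
    verifications: frozenset = frozenset()        # evidence presented, e.g. {"human_approval"}


@dataclass(frozen=True)
class Policy:                                     # hypothetical shape
    principal: str
    action: str
    resource_prefix: str
    effect: str                                   # "allow" or "deny"; any matching deny wins
    require: frozenset = frozenset()              # verifications this allow depends on


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    mandate: Optional[str] = None


class ActionGuard:
    """Fail-closed guard: authorize -> mandate -> execute -> ledger (illustrative)."""

    def __init__(self, policies: List[Policy], signing_key: bytes,
                 ttl_s: int = 60, now: Callable[[], float] = time.time):
        self.policies, self.key, self.ttl_s, self.now = policies, signing_key, ttl_s, now
        self.ledger: List[dict] = []              # append-only proof events

    def authorize(self, req: ActionRequest) -> Decision:
        matches = [p for p in self.policies
                   if p.principal == req.principal and p.action == req.action
                   and req.resource.startswith(p.resource_prefix)]
        if not matches:                                   # default deny
            return self._deny(req, NO_MATCHING_POLICY)
        if any(p.effect == "deny" for p in matches):      # deny overrides allow
            return self._deny(req, EXPLICIT_DENY)
        required = frozenset().union(*(p.require for p in matches))
        if not required <= req.verifications:             # most restrictive allow wins
            return self._deny(req, MISSING_REQUIRED_VERIFICATION)
        mandate = self._issue_mandate(req)
        self._record("mandate_issued", req)
        return Decision(True, "ALLOW", mandate)

    def execute(self, req: ActionRequest, mandate: Optional[str], action_fn: Callable[[], object]):
        """Run action_fn only if the mandate is valid for exactly this request."""
        if not self._mandate_valid(mandate, req):
            return self._deny(req, INVALID_MANDATE), None
        result = action_fn()
        self._record("action_executed", req)
        return Decision(True, "ALLOW", mandate), result

    def _issue_mandate(self, req: ActionRequest) -> str:
        # Short-lived, bound to principal/action/resource, HMAC-signed (assumed format).
        claims = {"sub": req.principal, "act": req.action, "res": req.resource,
                  "exp": int(self.now()) + self.ttl_s, "jti": secrets.token_hex(8)}
        payload = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
        return payload + "." + hmac.new(self.key, payload.encode(), hashlib.sha256).hexdigest()

    def _mandate_valid(self, mandate: Optional[str], req: ActionRequest) -> bool:
        if not mandate or mandate.count(".") != 1:
            return False
        payload, sig = mandate.split(".")
        expected = hmac.new(self.key, payload.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):        # forged or altered
            return False
        try:
            c = json.loads(base64.urlsafe_b64decode(payload))
        except ValueError:
            return False
        if not isinstance(c, dict):
            return False
        bound = (c.get("sub"), c.get("act"), c.get("res")) == (req.principal, req.action, req.resource)
        return bound and isinstance(c.get("exp"), int) and c["exp"] > self.now()

    def _deny(self, req: ActionRequest, reason: str) -> Decision:
        self._record("deny", req, reason=reason)
        return Decision(False, reason)

    def _record(self, kind: str, req: ActionRequest, **extra) -> None:
        self.ledger.append({"type": kind, "principal": req.principal, "action": req.action,
                            "resource": req.resource, "ts": int(self.now()), **extra})


def run_action(guard: ActionGuard, req: ActionRequest, action_fn: Callable[[], object]):
    """The page's four steps: build request -> authorize -> execute if allowed -> proof events."""
    decision = guard.authorize(req)
    if not decision.allowed:
        return decision, None
    return guard.execute(req, decision.mandate, action_fn)
```

Two points worth carrying into any real deployment: the deny is recorded before the caller sees it, so a denied action still leaves a proof event; and execution re-validates the mandate against the concrete request rather than trusting the earlier Decision object, which is what stops a mandate issued for one resource from being reused for another.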

Next steps